Incentive-based modeling and inference of attacker intent, objectives, and strategies

ACM Transactions on Information and System Security

Volumn 8, Issue 1, 2005, Pages 78-118

  Liu, Peng ^a   Zang, Wanyu ^a   Yu, Meng ^b  

^a PENNSYLVANIA STATE UNIVERSITY   (United States)

^b MONMOUTH UNIVERSITY   (United States)

Author keywords

Attack strategy inference; Attacker intent and strategy modeling; Game theory

Indexed keywords

ATTACK STRATEGY INFERENCE; ATTACKER INTENT AND STRATEGY MODELING; CYBER DEFENSE; REAL-WORLD ATTACK;

CRYPTOGRAPHY; MATHEMATICAL MODELS; PROBABILITY; RANDOM PROCESSES; RISK ASSESSMENT; SECURITY OF DATA;

GAME THEORY;

EID: 16644384919     PISSN: 10949224     EISSN: None     Source Type: Journal    
DOI: 10.1145/1053283.1053288     Document Type: Article

References (33)

1. BROWNE, H., ARBAUGH, W. A., McHUGH, J., AND FITHEN, W. L. 2001. A trend analysis of exploitations. In Proceedings of the 2001 IEEE Symposium on Security and Privacy. 214-229.
2. BROWNE, R. 2000. C4i defensive infrastructure for survivability against multi-mode attacks. In Proceedings of 21st Century Military Communication- Architectures and Technologies for Information Superiority.
3. BURKE, D. 1999. Towards a Game Theory Model of Information Warfare. Tech. rep., Air force Institute of Technology. Master's Thesis.
4. CLARKE, E. H. 1971. Multipart pricing of public goods. Public Choice 11, 17-33.
5. CONITZER, V. AND SANDHOLM, T. 2002. Complexity Results About Nash Equilibria. Tech. rep., Carnegie Mellon University. CMU-CS-02-135.
6. CUPPENS, F. AND MIEGE, A. 2002. Alert correlation in a cooperative intrusion detection framework. In Proceedings of the 2002 IEEE Symposium on Security and Privacy.
7. DEBAR, H. AND WESPI, A. 2001. Aggregation and correlation of intrusion detection alerts. In Proceedings of the 2001 International Symposium on Recent Advances in Intrusion Detection. 85-103.
8. FEIGENBAUM, J., PAPADIMITRIOU, C., SAMI, R., AND SHENKER, S. 2002. A BGP-based mechanism for lowest-cost routing. In Proceedings of the 2002 ACM Symposium on Principles of Distributed Computing.
9. GORDON, L. A. AND LOEB, M. P. 2001. Using information security as a response to competitor analysis systems. Commun. ACM 9, 44.
10. GROVES, T. 1973. Incentives in teams. Econometrica 41, 617-663.
11. HESPANHA, J. P. AND BOHACEK, S. 2001. Preliminary results in routing games. In Proceedings of the 2001 American Control Conference.
12. IOANNIDIS, J. AND BELLOVIN, S. M. 2002. Implementing pushback: Router-based defense against ddos attacks. In Proceedings of the 2002 Annual Network and Distributed System Security Symposium.
13. KOLLER, D. AND MILCH, B. 2001, Multi-agent influence diagrams for representing and solving games. In Proceedings of the 2001 International Joint Conference on Artificial Intelligence.
14. LANDWEHR, C. E., BULL, A. R., MCDERMOTT, J. P., AND CHOI, W. S. 1994. A taxonomy of computer program security flaws. ACM Comput. Surv. 26, 3.
15. Liu, P., JAJODIA, S., AND MCCOLLUM, C. D. 2000. Intrusion confinement by isolation in information systems. J. Comput. Security 8, 4, 243-279.
16. LUNT, T. F. 1993. A survey of intrusion detection techniques. Computers & Security 4, 12 (June), 405-418.
17. LYE, K. AND WING, J. M. 2002. Game strategies in network security. In Proceedings of the 2002 IEEE Computer Security Foundations Workshop.
18. MALKHI, D. AND REITER, M. K 2000, Secure execution of java applets using a remote playground. IEEE Trans. Software Eng. 26, 12.
19. MAS-COLELL, A., WHINSTON, M. D., AND GREEN, J. R. 1995. Microeconomic Theory. Oxford University Press, Oxford, UK.
20. McHUGH, J. 2001. Intrusion and intrusion detection. Int. J. Inf. Security 1, 14-35.
21. MEDINA, A., LAKHINA, A., MATTA, I., AND BYERS, J. 2001. An approach to universal topology generation. In Proceedings of the International Workshop on Modeling, Analysis and Simulation of Computer and Telecommunications Systems.
22. MESTERTON-GIBBONS, M. 1992. An Introduction to Game-Theoretic Modeling. Addison-Wesley Publishing, Reading, MA.
23. MUKHERJEE, B., HEBERLEIN, L. T., AND LEVITT, K. N. 1994. Network intrusion detection. IEEE Network, 26-41.
24. NASH, J. 1950. Equilibrium points in n-person games. In Proceedings of the National Academy of Sciences. 48-49.
25. NING, P., CUI, Y., AND REEVES, D. S. 2002. Constructing attack scenarios through correlation of intrusion alerts. In Proceedings of the 2002 ACM Conference on Computer and Communications Security.
26. NISAN, N. AND RONAN, A. 2001. Algorithmic mechanism design. Games and Economic Behavior 35. NS2. The network simulator, http://www.isi.edu/nsnam/ns/.
27. SYVERSON, P. F. 1997. A different look at secure distributed computation. In Proceedings of the 1997 IEEE Computer Security Foundations Workshop.
28. THUSIJSMAN, F. 1992. Optimality and Equilibria in Stochastic Games. Centrum voor Wiskunde en Informatica, Amsterdam.
29. VICKREY, W. 1961. Counterspeculation, auctions, and competitive sealed tenders. J. Finance 16, 8-37.
30. WANG, X. AND REITER, M. 2003. Defending against denial-of-service attacks with puzzle auctions. In Proceedings of the 2003 IEEE Symposium on Security and Privacy.
31. WELLMAN, M. P. AND WALSH, W. E. 2001. Auction protocols for decentralized scheduling. Games and Economic Behavior 35.
32. XU, J. AND LEE, W. 2003. Sustaining availability of web services under distributed denial of service attacks. IEEE Trans. Comput. 52, 4 (Feb.), 195-208.
33. ZOU, C., GONG, W., AND TOWSLEY, D. 2002. Code red worm propagation modeling and analysis. In Proceedings of the 2002 ACM Conference on Computer and Communications Security.