Autonomic-computing approach to secure knowledge management: A game-theoretic analysis

IEEE Transactions on Systems, Man, and Cybernetics Part A:Systems and Humans

Volumn 36, Issue 3, 2006, Pages 487-497

  Arora, Hina ^a   Mishra, Birendra K ^b   Raghu, T S ^a  

^a ARIZONA STATE UNIVERSITY   (United States)

^b UNIVERSITY OF CALIFORNIA   (United States)

Author keywords

Autonomic computing; Game theory; Intrusion detection; Secure knowledge management

Indexed keywords

COGNITIVE SYSTEMS; GAME THEORY; INFORMATION TECHNOLOGY; MATHEMATICAL MODELS; SECURITY OF DATA;

AUTONOMIC COMPUTING; INTRUSION DETECTION; SECURE KNOWLEDGE MANAGEMENT;

KNOWLEDGE ENGINEERING;

EID: 33646896924     PISSN: 10834427     EISSN: None     Source Type: Journal    
DOI: 10.1109/TSMCA.2006.871724     Document Type: Article

References (42)

1. R. DelZoppo, E. Browns, M. Downey, E. D. Liddy, S. Symonenko, and J. S. Park et al., "A multi-disciplinary approach to countering insider threats," in Proc. Secure Knowledge Management Workshop, Buffalo, NY, Sep. 2004, pp. 221-226.
2. S. Upadhyaya, H. R. Rao, and G. Padmanabhan, "Secure knowledge management," in Encyclopedia of Knowledge Management, D. Swartz, Ed. Hershey, PA: Iden Group, 2005, pp. 795-801.
3. S. G. Winter. (2001, Nov.). "Framing the issues: Knowledge asset strategies," in Mack Center Technological Innovation - Impact Conf. - Managing Knowledge Assets. [Online]. Available: http://emertech.wharton.upenn.edu/ConfRpts_Folder/ WhartonKnowledgeAssets_Report.pdf
4. M. Alavi and D. E. Leidner, "Review: Knowledge management and knowledge management systems: Conceptual foundations and research issues," MIS Q., vol. 25, no. 1, pp. 107-136, Mar. 2001.
5. L. Fahey and L. Prusak, "The eleven deadliest sins of knowledge management," Calif. Manage. Rev., vol. 40, no. 3, pp. 265-276, 1998.
6. J. S. Brown and P. Duguid, "Balancing act: How to capture knowledge without killing it," Harvard Bus. Rev., vol. 78, no. 3, pp. 73-80, May/Jun. 2000.
7. J. Kephart and D. Chess, "The vision of autonomic computing," Computer, vol. 36, no. 1, pp. 41-50, Jan. 2003.
8. P. MacInnis, "Autonomic computing blueprint unveiled," Comput. Canada, vol. 29, no. 8, p. 4, 2003.
9. J. Teresko, "Autonomic computing: The next e-business step," Ind. Week, vol. 252, no. 1, p. 19, 2003.
10. H. Tianfield and R. Unland, "Towards autonomic computing systems," Eng. Appl. Artif. Intell., vol. 17, no. 7, pp. 689-699, 2004.
11. D. F. Bantz, C. Bisdikian, D. Challener, J. P. Karidis, S. Mastrianni, A. Mohindra et al. "Autonomic personal computing," IBM Syst. J., vol. 42, no. 1, pp. 165-176, 2003.
12. S. R. White, J. E. Hanson, I. Whalley, D. M. Chess, and J. O. Kephart, "An architectural approach to autonomic computing," in Proc. IEEE Int. Conf. Autonomic Computing, 2004, pp. 2-9.
13. J. O. Kephart and W. E. Walsh, "An artificial intelligence perspective on autonomic computing policies," in Proc. 5th IEEE Int. Workshop Policies Distributed Systems and Networks, 2004, pp. 3-12.
14. L. Stojanovic, J. Schneider, A. Maedche, S. Libischer, R. Studer, T. Lumpp et al., "The role of ontologies in autonomic computing systems," IBM Syst. J., vol. 43, no. 3, pp. 598-617, 2004.
15. D. M. Chess, C. C. Palmer, and S. R. White, "Security in an autonomic computing environment," IBM Syst. J., vol. 42, no. 1, pp. 107-118, 2003.
16. J. Branch, A. Bivens, C. Y. Chan, T. K. Lee, and B. Szymanski, "Denial of service intrusion detection using time dependent deterministic finite automata," in Proc. Research Conf., Troy, NY, Oct. 2002, pp. 45-51.
17. J. P. Anderson, "Computer security threat and monitoring surveillance," James P. Anderson Co., FortWashington, PA, Tech. Rep. 79F26400, 1980.
18. S. Axelsson, "The base-rate fallacy and the difficulty of intrusion detection," ACM Trans. Inf. Syst. Secur., vol. 3, no. 3, pp. 186-205, Aug. 2000.
19. I. Balepin, S. Maltsev, J. Rowe, and K. Levitt, "Using specification-based intrusion detection for automated response," in Proc. 6th Int. Symp. RAID, Pittsburgh, PA, Sep. 8-10, 2003, pp. 136-154.
20. W. Lee, W. Fan, M. Miller, S. Stolfo, and E. Zadok, "Toward cost-sensitive modeling for intrusion detection and response," J. Comput. Secur., vol. 10, no. 1, pp. 5-22, 2002.
21. R. Bace, Intrusion Detection. Indianapolis, IN: Macmillan, 2000.
22. L. R. Halme and R. K. Bauer. (2004). A Taxonomy of Anti-Intrusion Techniques. [Online]. Available: http://www.sans.org/resources/idfaq/ aint.php
23. A. Somayaji and S. Forrest, "Automated response using system call delays," in Proc. 9th USENIX Security Symp., Aug. 14-17, 2000, pp. 185-198.
24. L. A. Gordon and M. P. Loeb, "The economics of information security investment," ACM Trans. Inf. Syst. Secur., vol. 5, no. 4, pp. 438-457, Nov. 2002.
25. H. Cavusoglu, B. K. Mishra, and S. Raghunathan, "A model for evaluating IT security systems," Commun. ACM, vol. 47, no. 7, pp. 87-92, Jul. 2004.
26. H. Cavusoglu, B. K. Mishra, and S. Raghunathan, "The value of intrusion detection systems in information technology security architectures," Inf. Syst. Res., vol. 16, no. 1, pp. 28-46, Mar. 2005.
27. P. Liu and W. Zang, "Incentive-based modeling and inference of attacker intent, objectives, and strategies," in Proc. 10th ACM Conf. Computer Communications Security, 2003, pp. 179-189.
28. M. Kodialam and T. V. Lakshman. (2003). "Detecting network intrusions via sampling: A game theoretic approach," in Proc. IEEE INFOCOM. [Online]. Available: www.ieee-infocom.org/2003/papers/46_02.PDF
29. A. Akella, S. Seshan, R. Karp, and S. Shenker, "Selfish behavior and stability of the Internet: A game-theoretic analysis of TCP," in Proc. ACM SIGCOMM, Pittsburgh, PA, Aug. 2002, pp. 117-130.
30. S. Shenker, "Making greed work in networks: A game-theoretic analysis of switch service disciplines," IEEE/ACM Trans. Netw., vol. 3, no. 6, pp. 819-831, Dec. 1995.
31. H. V. Trees, Detection, Estimation and Modulation Theory - Part I. Hoboken, NJ: Wiley, 2001.
32. R. Durst, T. Champion, B. Witten, E. Miller, and L. Spagnuolo, "Testing and evaluating computer intrusion detection systems," Commun. ACM, vol. 42, no. 7, pp. 53-61, Jul. 1999.
33. R. P. Lippmann, D. J. Fried, I. Graf, J. W. Haines, K. R. Kendall, D. McClung et al., "Evaluating intrusion detection systems: The 1998 DARPA off-line intrusion detection evaluation," in Proc. DISCEX, 2000, vol. 2, pp. 12-26.
34. S. Zhong, T. M. Khoshgoftaar, and N. Seliya, "Evaluating clustering techniques for network intrusion detection," in Proc. 10th ISSAT Int. Conf. Reliability Quality Design, Las Vegas, NV, Aug. 2004, pp. 149-155.
35. K. Wang and S. Stolfo, "Anomalous payload-based network intrusion detection," in Proc. RAID, Sep. 2004, pp. 203-222.
36. N. Einwechter. (2002, Mar.). Preventing and Detecting Insider Attacks Using IDS. [Online]. Available: http://www.securityfocus.com/infocus/1558
37. S. Weissenberger, "Deterrence and the design of treaty verification systems," IEEE Trans. Syst., Man, Cybern., vol. 22, no. 5, pp. 903-915, Sep./Oct. 1992.
38. J. C. Fellingham and P. Newman, "Strategic considerations in auditing," Account. Rev., vol. 60, no. 4, pp. 634-650, Oct. 1985.
39. B. Mishra, T. S. Raghu, and A. Prasad, "Corporate software piracy prevention and detection: An analysis of strategies," J. Organ. Comput. Electron. Commer., vol. 15, no. 3, pp. 223-252, 2005.
40. J. McHugh, A. C. Christie, and J. Allen, "Defending yourself: The role of intrusion detection systems," IEEE Softw., vol. 17, no. 5, pp. 42-51, Sep./Oct. 2000.
41. B. Shao, "Optimal redundancy allocation for information technology disaster recovery in the network economy," IEEE Trans. Dependable Secure Comput., vol. 2, no. 3, pp. 262-267, Jul./Sep. 2005.
42. S. Upadhyaya, R. Chinchani, and K. Kwiat, "An analytical framework for reasoning about intrusions," in Proc. IEEE Symp. Reliable Distributed Systems, New Orleans, LA, Oct. 2001, pp. 99-108.