Game-theoretic resource allocation for malicious packet detection in computer networks
作者: Branislav Bošanský , Ondřej Vaněk , Zhengyu Yin , Milind Tambe , Manish Jain
关键词:
摘要: We study the problem of optimal resource allocation for packet selection and inspection to detect potential threats in large computer networks with multiple computers differing importance. An attacker tries harm these targets by sending malicious packets from entry points network; defender thus needs optimally allocate her resources maximize probability detection under network latency constraints.We formulate as a graph-based security game heterogeneous capabilities propose mathematical program finding solutions. also Grande, novel polynomial time algorithm that uses an approximated utility function circumvent limited scalability caused attacker's strategy space non-linearity aforementioned program. Grande computes solutions bounded error scales up problems realistic sizes.
acm.org
sci-hub.st 参考文章(21)
Vincent Conitzer, Michal Pěchouček, Dmytro Korzhyk, Ondřej Vaněk, Milind Tambe, Manish Jain, A double oracle algorithm for zero-sum security games on graphs adaptive agents and multi-agents systems. pp. 327- 334 ,(2011) , 10.5555/2030470.2030518
G.L. Nemhauser, L.A. Wolsey, Maximizing Submodular Set Functions: Formulations and Analysis of Algorithms North-Holland Mathematics Studies. ,vol. 59, pp. 279- 301 ,(1981) , 10.1016/S0304-0208(08)73471-6
Vincent Conitzer, Dmytro Korzhyk, Ronald Parr, Security games with multiple attacker resources international joint conference on artificial intelligence. pp. 273- 279 ,(2011) , 10.5591/978-1-57735-516-8/IJCAI11-056
Vincent Conitzer, Erik Halvorson, Ronald Parr, Multi-step multi-sensor hider-seeker games international joint conference on artificial intelligence. pp. 159- 166 ,(2009)
Shaddin Dughmi, Submodular Functions: Extensions, Distributions, and Algorithms A Survey arXiv: Data Structures and Algorithms. ,(2009)
Vern Paxson, Bro: a system for detecting network intruders in real-time Computer Networks. ,vol. 31, pp. 2435- 2463 ,(1999) , 10.1016/S1389-1286(99)00112-7
Carlos Guestrin, Andreas Krause, Near-optimal observation selection using submodular functions national conference on artificial intelligence. pp. 1650- 1654 ,(2007)
Tansu Alpcan, Tamer Basar, Network Security Network Security: A Decision and Game-Theoretic Approach 1st. ,vol. 9780521119320, pp. 332- 332 ,(2010) , 10.1017/CBO9780511760778
Vincent Conitzer, Tuomas Sandholm, Computing the optimal strategy to commit to Proceedings of the 7th ACM conference on Electronic commerce - EC '06. pp. 82- 90 ,(2006) , 10.1145/1134707.1134717
Jan Vondrak, Optimal approximation for the submodular welfare problem in the value oracle model Proceedings of the fourtieth annual ACM symposium on Theory of computing - STOC 08. pp. 67- 74 ,(2008) , 10.1145/1374376.1374389