We present an empirical study of distributed adaptation in an Intrusion Detection System. The adaptation model is based on a game-theoretical approach, and we use regret minimization techniques to find globally robust behavior. We compare the effectiveness of global optimization, in which all system components adopt the globally optimized strategy in a synchronized manner, with a fully distributed approach, in which two layers in the system adapt their strategies as a result of a local adaptation process, with no synchronization or signaling. We show that the use of regret minimization techniques results in stable and long-term optimized behavior in both cases. Our experiments were performed on CAMNEP, an intrusion detection system based on analysis of NetFlow data, and were run on the university network over one month.