Knapsack problems: algorithms and computer implementations
Knapsack problems: algorithms and computer implementations
Automated Generation and Analysis of Attack Graphs
SP '02 Proceedings of the 2002 IEEE Symposium on Security and Privacy
Evaluation of Intrusion Detectors: A Decision Theory Approach
SP '01 Proceedings of the 2001 IEEE Symposium on Security and Privacy
Snort - Lightweight Intrusion Detection for Networks
LISA '99 Proceedings of the 13th USENIX conference on System administration
ADEPTS: Adaptive Intrusion Response Using Attack Graphs in an E-Commerce Environment
DSN '05 Proceedings of the 2005 International Conference on Dependable Systems and Networks
Minimum-cost network hardening using attack graphs
Computer Communications
Topological analysis of network attack vulnerability
ASIACCS '07 Proceedings of the 2nd ACM symposium on Information, computer and communications security
Bro: a system for detecting network intruders in real-time
SSYM'98 Proceedings of the 7th conference on USENIX Security Symposium - Volume 7
Gnort: High Performance Network Intrusion Detection Using Graphics Processors
RAID '08 Proceedings of the 11th international symposium on Recent Advances in Intrusion Detection
Predicting the Resource Consumption of Network Intrusion Detection Systems
RAID '08 Proceedings of the 11th international symposium on Recent Advances in Intrusion Detection
High-Speed Matching of Vulnerability Signatures
RAID '08 Proceedings of the 11th international symposium on Recent Advances in Intrusion Detection
Optimal IDS Sensor Placement and Alert Prioritization Using Attack Graphs
Journal of Network and Systems Management
RAID'06 Proceedings of the 9th international conference on Recent Advances in Intrusion Detection
WIND: workload-aware INtrusion detection
RAID'06 Proceedings of the 9th international conference on Recent Advances in Intrusion Detection
A dynamic game-theoretic approach to resilient control system design for cascading failures
Proceedings of the 1st international conference on High Confidence Networked Systems
Game theory meets network security and privacy
ACM Computing Surveys (CSUR)
| Hi-index | 0.00 |
Intrusion Detection Systems (IDSs) are becoming essential to protecting modern information infrastructures. The effectiveness of an IDS is directly related to the computational resources at its disposal. However, it is difficult to guarantee especially with an increasing demand of network capacity and rapid proliferation of attacks. On the other hand, modern intrusions often come as sequences of attacks to reach some predefined goals. It is therefore critical to identify the best default IDS configuration to attain the highest possible overall protection within a given resource budget. This paper proposes a game theory based solution to the problem of optimal signature-based IDS configuration under resource constraints. We apply the concepts of indices of power, namely, Shapley value and Banzhaf-Coleman index, from cooperative game theory to quantify the influence or contribution of libraries in an IDS with respect to given attack graphs. Such valuations take into consideration the knowledge on common attack graphs and experienced system attacks and are used to configure an IDS optimally at its default state by solving a knapsack optimization problem.