We study the problem of optimal resource allocation for packet selection and inspection to detect potential threats in large computer networks with multiple computers of differing importance. An attacker tries to harm these targets by sending malicious packets from multiple entry points of the network; the defender thus needs to optimally allocate her resources to maximize the probability of malicious packet detection under network latency constraints. We formulate the problem as a graph-based security game with multiple resources of heterogeneous capabilities and propose a mathematical program for finding optimal solutions. We also propose Grande, a novel polynomial time algorithm that uses an approximated utility function to circumvent the limited scalability caused by the attacker's large strategy space and the non-linearity of the aforementioned mathematical program. Grande computes solutions with bounded error and scales up to problems of realistic sizes.