Autonomic defense: thwarting automated attacks via real-time feedback control

Authors:
Derek Armstrong;Sam Carter;Gregory Frazier;Tiffany Frazier
Affiliations:
ALPHATECH Inc., Suite 500, 3811 N. Fairfax Drive, Arlington, Virginia;ALPHATECH Inc., Suite 500, 3811 N. Fairfax Drive, Arlington, Virginia;ALPHATECH Inc., Suite 500, 3811 N. Fairfax Drive, Arlington, Virginia;ALPHATECH Inc., Suite 500, 3811 N. Fairfax Drive, Arlington, Virginia
Venue:
Complexity - Special issue: Resilient and adaptive defense of computing networks
Year:
2003

Citing 3
Cited 3

The base-rate fallacy and its implications for the difficulty of intrusion detection

CCS '99 Proceedings of the 6th ACM conference on Computer and communications security
A process control approach to cyber attack detection

Communications of the ACM
How to Own the Internet in Your Spare Time

Proceedings of the 11th USENIX Security Symposium

Information Assurance: Dependability and Security in Networked Systems

Information Assurance: Dependability and Security in Networked Systems
Network Security: Know It All: Know It All

Network Security: Know It All: Know It All
Information security strategies: towards an organizational multi-strategy perspective

Journal of Intelligent Manufacturing

Quantified Score

Hi-index	0.00

Visualization

Abstract

A critical threat to organizations, and the Internet itself, is a class of automated network attacks referred to as Internet worms. This article examines the use of mathematical models and optimization algorithms--specifically a partially-observable Markov decision process (PO-MDP) based feedback control system--as the basis for implementing an autonomic defense system (ADS) that can protect organizations against Internet worms. The PO-MDP ADS introduced in this article is capable of detecting and responding to worms in real time. Furthermore, the PO-MDP ADS can ameliorate the rate of incorrect control decisions that would normally occur in the presence of sensor false alarms.