Página 1 dos resultados de 35 itens digitais encontrados em 0.010 segundos

Avaliação de ambientes servidores para agentes móveis.; Evaluation of mobile agents server environments.

Pereira Filho, Stenio Firmino
Fonte: Biblioteca Digitais de Teses e Dissertações da USP Publicador: Biblioteca Digitais de Teses e Dissertações da USP
Tipo: Dissertação de Mestrado Formato: application/pdf
Publicado em 01/06/2001 Português
Relevância na Pesquisa
35.7%
Agentes móveis são programas que podem ser disparados de um computador (cliente) e transmitidos através de uma rede de comunicação para uma outra maquina (servidor) com o objetivo de executar tarefas a eles designadas. Esta dissertação apresenta uma avaliação de plataformas de desenvolvimento e servidores para agentes móveis. A tecnologia de agentes móveis tem sido alvo de grandes pesquisas, inclusive nos setores de Segurança da Informação e Comércio Eletrônico. Foram executados testes e com as informações foi feita uma análise comparativa, levando-se em consideração questões como características de desempenho dos agentes, desempenho e segurança. Para efetuar os testes foram necessários o entendimento do funcionamento do servidor e o desenvolvimento de seus agentes. Os testes de desempenho serviram para definir quais agentes são mais ágeis e quais são os gastos de processamento dos servidores. Já o teste de segurança teve a finalidade de classificar os servidores quanto à segurança. Os resultados obtidos serviram para indicar qual a melhor plataforma a ser utilizada no desenvolvimento do Sistema de Detecção de Intrusão (SDI) do ICMC. As plataformas que obtiveram destaques nos testes foram o ASDK 1.1 e Grasshopper. A plataforma escolhida para o SDI foi o ASDK 1.1.; Mobile agents are programs able to migrate from a client computer to a server computer through communication networks. There are several mobile agent technologis application...

Desenvolvimento de uma metodologia baseada em redes neurais artificiais para a identificação de anomalias em redes de comunicação Profinet; Development of a methodology based on artificial neural networks to identify abnormalities in Profinet communication networks

Turcato, Afonso Celso
Fonte: Biblioteca Digitais de Teses e Dissertações da USP Publicador: Biblioteca Digitais de Teses e Dissertações da USP
Tipo: Dissertação de Mestrado Formato: application/pdf
Publicado em 25/06/2015 Português
Relevância na Pesquisa
85.86%
Este trabalho propôs o desenvolvimento e a avaliação de uma metodologia com o propósito de identificar anomalias em redes de comunicação Profinet, muito utilizadas na automação de plantas industriais. A metodologia desenvolvida está fundamentada na análise das características de comunicação do protocolo Profinet e na identificação e classificação de padrões, sendo esta, uma das principais aplicações do uso de Redes Neurais Artificiais (RNA). As anomalias são identificadas por meio da análise do tráfego de rede Profinet em sua fase de operação. Tais anomalias podem ser desde defeitos comuns apresentados pelos equipamentos da rede e/ou tentativas de ataques a esta, que por sua vez, podem gerar instabilidade e mau funcionamento da unidade industrial que fazem parte. Para o desenvolvimento deste trabalho foram apresentados: o detalhamento do protocolo Profinet, os mecanismos de segurança mais utilizados atualmente, os tipos de sistemas de detecção de anomalias existentes e os principais tipos de ataques em redes de comunicação conhecidos na literatura. Alguns ensaios para a validação da metodologia foram realizados, utilizando-se uma infraestrutura de rede instalada em laboratório. Ensaios com diferentes tipos de equipamentos interligados em rede foram realizados e os resultados apresentados. Como resultado final...

Intrusion tolerant routing with data consensus in wireless sensor networks

Almeida, João Carlos Andrade de
Fonte: Faculdade de Ciências e Tecnologia Publicador: Faculdade de Ciências e Tecnologia
Tipo: Dissertação de Mestrado
Publicado em //2013 Português
Relevância na Pesquisa
35.95%
Dissertação para obtenção do Grau de Mestre em Engenharia Informática; Wireless sensor networks (WSNs) are rapidly emerging and growing as an important new area in computing and wireless networking research. Applications of WSNs are numerous, growing, and ranging from small-scale indoor deployment scenarios in homes and buildings to large scale outdoor deployment settings in natural, industrial, military and embedded environments. In a WSN, the sensor nodes collect data to monitor physical conditions or to measure and pre-process physical phenomena, and forward that data to special computing nodes called Syncnodes or Base Stations (BSs). These nodes are eventually interconnected, as gateways, to other processing systems running applications. In large-scale settings, WSNs operate with a large number of sensors – from hundreds to thousands of sensor nodes – organised as ad-hoc multi-hop or mesh networks, working without human supervision. Sensor nodes are very limited in computation, storage, communication and energy resources. These limitations impose particular challenges in designing large scale reliable and secure WSN services and applications. However, as sensors are very limited in their resources they tend to be very cheap. Resilient solutions based on a large number of nodes with replicated capabilities...

Intrusion-Aware Alert Validation Algorithm for Cooperative Distributed Intrusion Detection Schemes of Wireless Sensor Networks

Shaikh, Riaz Ahmed; Jameel, Hassan; d’Auriol, Brian J.; Lee, Heejo; Lee, Sungyoung; Song, Young-Jae
Fonte: Molecular Diversity Preservation International (MDPI) Publicador: Molecular Diversity Preservation International (MDPI)
Tipo: Artigo de Revista Científica
Publicado em 28/07/2009 Português
Relevância na Pesquisa
25.95%
Existing anomaly and intrusion detection schemes of wireless sensor networks have mainly focused on the detection of intrusions. Once the intrusion is detected, an alerts or claims will be generated. However, any unidentified malicious nodes in the network could send faulty anomaly and intrusion claims about the legitimate nodes to the other nodes. Verifying the validity of such claims is a critical and challenging issue that is not considered in the existing cooperative-based distributed anomaly and intrusion detection schemes of wireless sensor networks. In this paper, we propose a validation algorithm that addresses this problem. This algorithm utilizes the concept of intrusion-aware reliability that helps to provide adequate reliability at a modest communication cost. In this paper, we also provide a security resiliency analysis of the proposed intrusion-aware alert validation algorithm.

Subsurface Event Detection and Classification Using Wireless Signal Networks

Yoon, Suk-Un; Ghazanfari, Ehsan; Cheng, Liang; Pamukcu, Sibel; Suleiman, Muhannad T.
Fonte: Molecular Diversity Preservation International (MDPI) Publicador: Molecular Diversity Preservation International (MDPI)
Tipo: Artigo de Revista Científica
Publicado em 05/11/2012 Português
Relevância na Pesquisa
25.81%
Subsurface environment sensing and monitoring applications such as detection of water intrusion or a landslide, which could significantly change the physical properties of the host soil, can be accomplished using a novel concept, Wireless Signal Networks (WSiNs). The wireless signal networks take advantage of the variations of radio signal strength on the distributed underground sensor nodes of WSiNs to monitor and characterize the sensed area. To characterize subsurface environments for event detection and classification, this paper provides a detailed list and experimental data of soil properties on how radio propagation is affected by soil properties in subsurface communication environments. Experiments demonstrated that calibrated wireless signal strength variations can be used as indicators to sense changes in the subsurface environment. The concept of WSiNs for the subsurface event detection is evaluated with applications such as detection of water intrusion, relative density change, and relative motion using actual underground sensor nodes. To classify geo-events using the measured signal strength as a main indicator of geo-events, we propose a window-based minimum distance classifier based on Bayesian decision theory. The window-based classifier for wireless signal networks has two steps: event detection and event classification. With the event detection...

Efficient data transport in wireless sensor networks.

Zhang, Haibo
Fonte: Universidade de Adelaide Publicador: Universidade de Adelaide
Tipo: Tese de Doutorado
Publicado em //2009 Português
Relevância na Pesquisa
35.75%
Providing efficient data transport is one of the uppermost objectives in the design of wireless sensor networks (WSNs) since the primary role for each sensor is to report the sensed data to the data sink(s). This thesis focuses on designing efficient data transport schemes for WSNs in the dimensions of energy consumption and time respectively. The developed schemes can be directly applied in a number of applications such as intrusion detection, target tracking, environment monitoring, etc., and can be further extended to underwater acoustic sensor networks and unmanned aerial vehicles (UAVs) networks. With the development of WSN technologies, new challenging research problems such as real-time streaming data gathering and intelligent data communication are emerging. This thesis provides useful foundation for designing next-generation data transport schemes for WSNs. Energy is the most important resource in WSNs because sensor nodes are commonly powered by small batteries, and energy is directly related to the lifetime of nodes and the network. In this thesis, energy-efficient data transport schemes are designed for two major types of WSNs: event-driven sensor networks and time-driven sensor networks. A novel on-line routing scheme called EBGR (Energy-efficient Beaconless Geographic Routing) is designed for event-driven sensor networks characterized by dynamic network topology. The main advantage of EBGR is that it can provide energy-efficient sensor-to-sink routing without any prior neighborhood knowledge. Moreover...

Traffic profiling of wireless sensor networks

Kirykos, Georgios
Fonte: Monterey, California. Naval Postgraduate School Publicador: Monterey, California. Naval Postgraduate School
Tipo: Tese de Doutorado
Português
Relevância na Pesquisa
35.72%
Network security is vital in wireless networks that are widely used today. We desire wireless networks that maintain a high degree of confidentiality, integrity, and availability. Wireless sensor networks pose unique challenges and limitations to the traditional schemes, which are used in the other wireless networks for security protection, and are due mainly to the increased vulnerability of physical attacks, energy and communication limitations. This thesis introduces the foundations of a network and anomaly-based Intrusion Detection System (IDS) tool, including both hardware and software components, that can be used for traffic profiling and monitoring of a wireless sensor network. The work demostrates how the IDS should capture and store traffic and use this information to create traffic profiles and baselines for normal traffic behavior. Then it describes how these baselines can be used to generate alerts based on traffic variations that imply possible attacks. Profiles on typical implementations of wireless sensor networks were observed and analyzed. Finally, initial indications from basic analysis of wireless sensor network traffic demonstrated a high degree of self-similarity.

Evaluation of Classification Algorithms for Intrusion Detection in MANETs

Pastrana, Sergio; Mitrokotsa, Aikaterini; Orfila, Agustín; Peris-López, Pedro
Fonte: Elsevier Publicador: Elsevier
Tipo: info:eu-repo/semantics/acceptedVersion; info:eu-repo/semantics/article Formato: application/pdf
Publicado em /12/2012 Português
Relevância na Pesquisa
45.92%
Mobile Ad-hoc Networks (MANETs) are wireless networks without fixed infrastructure based on the cooperation of independent mobile nodes. The proliferation of these networks and their use in critical scenarios (like battlefield communications or vehicular networks) require new security mechanisms and policies to guarantee the integrity, confidentiality and availability of the data transmitted. Intrusion Detection Systems used in wired networks are inappropriate in this kind of networks since different vulnerabilities may appear due to resource constraints of the participating nodes and the nature of the communication. This article presents a comparison of the effectiveness of six different classifiers to detect malicious activities in MANETs. Results show that Genetic Programming and Support Vector Machines may help considerably in detecting malicious activities in MANETs.; This work has been partially supported by the Marie Curie IEF, project "PPIDR: Privacy-Preserving Intrusion Detection and Response in Wireless Communications", grant number 252323, and also by the Comunidad de Madrid and Carlos III University of Madrid, Project EVADIR CCG10-UC3M /TIC-5570.

Attacks against intrusion detection networks: evasion, reverse engineering and optimal countermeasures

Pastrana Portillo, Sergio
Fonte: Universidade Carlos III de Madrid Publicador: Universidade Carlos III de Madrid
Tipo: Tese de Doutorado
Português
Relevância na Pesquisa
45.92%
Intrusion Detection Networks (IDNs) constitute a primary element in current cyberdefense systems. IDNs are composed of different nodes distributed among a network infrastructure, performing functions such as local detection --mostly by Intrusion Detection Systems (IDS) --, information sharing with other nodes in the IDN, and aggregation and correlation of data from different sources. Overall, they are able to detect distributed attacks taking place at large scale or in different parts of the network simultaneously. IDNs have become themselves target of advanced cyberattacks aimed at bypassing the security barrier they offer and thus gaining control of the protected system. In order to guarantee the security and privacy of the systems being protected and the IDN itself, it is required to design resilient architectures for IDNs capable of maintaining a minimum level of functionality even when certain IDN nodes are bypassed, compromised, or rendered unusable. Research in this field has traditionally focused on designing robust detection algorithms for IDS. However, almost no attention has been paid to analyzing the security of the overall IDN and designing robust architectures for them. This Thesis provides various contributions in the research of resilient IDNs grouped into two main blocks. The first two contributions analyze the security of current proposals for IDS nodes against specific attacks...

End-to-end security solutions for Internet-integrated Wireless Sensor Networks

Granjal, António Jorge da Costa
Fonte: Universidade de Coimbra Publicador: Universidade de Coimbra
Tipo: Tese de Doutorado
Português
Relevância na Pesquisa
35.94%
A investigação em soluções tecnológicas para as Redes de Sensores Sem Fios (RSSF) despertou grande interesse e inúmeros esforços ao nível da investigação em anos recentes. O objetivo inicial de tais redes foi o de providenciar uma base tecnológica que permitisse dispor de aplicações sensoriais distribuídas, desenhadas com propósitos bem específicos nas mais diversas áreas de investigação e aplicação. Uma característica distintiva das RSSF é a utilização de dispositivos com capacidade para comunicar por radiofrequência e de “sentir” e “atuar” no meio físico que os rodeia. Tal capacidade permite, na prática, o desenvolvimento e a utilização de soluções verdadeiramente inovadoras implementadas com recurso a aplicações distribuídas capazes de interagir com o mundo físico. As aplicações originais das RSSF visavam essencialmente a construção de soluções eficientes para problemas bem delimitados e, como consequência, tais redes não eram projetadas com o objetivo de suportar diferentes tipos de aplicações ou mecanismos de comunicação adaptáveis a diferentes propósitos de utilização. Podemos igualmente verificar que os mecanismos de comunicação e segurança utilizados em tais aplicações eram desenhados de acordo com o seu propósito específico de utilização. Por conseguinte...

RAPID: A Traffic-Agnostic Intrusion Detection for Resource-Constrained Wireless Mesh Networks

Hassanzadeh, Amin; Stoleru, Radu; Polychronakis, Michalis; Xie, Geoffrey
Fonte: Escola de Pós-Graduação Naval Publicador: Escola de Pós-Graduação Naval
Tipo: Artigo de Revista Científica
Português
Relevância na Pesquisa
25.82%
Due to the recent increased interest in wireless mesh networks (WMN), their security challenges have become of paramount importance. An important security mechanism for WMN, intrusion detection, has received considerable attention from the research community. Recent results show that traditional monitoring mechanisms are not applicable to real-worldWMNdue to their constrained resources (memory and processing power), which result in high false negative rates since only few IDS functions can be activated on monitoring nodes. Cooperative solutions, on the other hand, have high communication overhead and detection delay when traffic is high. A practical traffic-aware IDS solution was recently proposed for resource-constrained WMN, however, traffic-awareness might not be feasible for some WMN applications. This paper proposes a traffic-agnostic IDS solution that uses a link-coverage approach to monitor both local and backbone WMN traffic. Using real-world experiments and extensive simulations we show our proposed IDS solutions outperform traffic-aware IDS solutions while requiring lower computation and communication overhead.

Extending tactical fleet communications through VoIP

Scott, David T.
Fonte: Monterey, California: Naval Postgraduate School Publicador: Monterey, California: Naval Postgraduate School
Tipo: Tese de Doutorado
Português
Relevância na Pesquisa
25.96%
Approved for public release; distribution is unlimited; TheNavy's Fleet is in need of tactical voice communication systems that are highly reliable, protected from cyber threats, and able to operate in a denied or degraded environment. Many of theNavy's current systems rely on outdated and inefficient technology, which reduces the overall effectiveness of our tactical communication channels and also limits the accessibility of these systems to communications challenged areas within ships. This research examines the capabilities, limitations, and overall performance of an integrated Voice over Internet Protocol (VoIP) system using four popular link layer protocols (i.e., Ethernet, 802.11n, 2.4 GHz 802.11ac, and 5 GHz 802.11ac) in an attempt to determine the feasibility of incorporating VoIP technology within Consolidated Afloat Networks and Enterprise Services and digital modular radio communication systems. The specific features compared in this study are VoIP network bandwidth consumption, overall network capacity between the four link layer protocols, VoIP codecs, VoIP call limits, intrusion detection system effects, and the effects of additional non-VoIP network traffic. The results of the study show that afloat tactical communications can be effectively enhanced by integrating VoIP intrusion detection systems monitored VoIP network applications with afloat communications systems...

Inspiration from genetics to promote recognition and protection within ad hoc sensor networks

Korsnes, Reinert; Ovsthus, Knut
Fonte: Universidade Cornell Publicador: Universidade Cornell
Tipo: Artigo de Revista Científica
Publicado em 28/12/2009 Português
Relevância na Pesquisa
35.68%
This work illustrates potentials for recognition within {\em ad hoc} sensor networks if their nodes possess individual inter-related biologically inspired genetic codes. The work takes ideas from natural immune systems protecting organisms from infection. Nodes in the present proposal have individual gene sets fitting into a self organised phylogenetic tree. Members of this population are genetically ''relatives''. Outsiders cannot easily copy or introduce a new node in the network without going through a process of conception between two nodes in the population. Related nodes can locally decide to check each other for their genetic relation without directly revealing their gene sets. A copy/clone of a gene sequence or a random gene set will appear as alien. Nodes go through a cycle of introduction (conception or ''birth'') with parents in the network and later exit from it (''death''). Hence the phylogenetic tree is dynamic or possesses a genetic drift. Typical lifetimes of gene sets and number of offspring from different parents affect this genetic drift and the level of correlation between gene sets. The frequency of mutations similarly affects the gene pool. Correlation between genes of the nodes implies a common secret for cryptographic material for communication and consistency check facilitating intrusion detection and tracing of events. A node can by itself (non-specifically) recognise an adversary if it does not respond properly according to its genes. Nodes can also collaborate to recognise adversaries by communicating response from intruders to check for consistency with the whole gene pool (phylogenetic tree).; Comment: 14 pages...

Towards an Effective Intrusion Response Engine Combined with Intrusion Detection in Ad Hoc Networks

Mitrokotsa, Aikaterini; Komninos, Nikos; Douligeris, Christos
Fonte: Universidade Cornell Publicador: Universidade Cornell
Tipo: Artigo de Revista Científica
Publicado em 13/07/2008 Português
Relevância na Pesquisa
25.95%
In this paper, we present an effective intrusion response engine combined with intrusion detection in ad hoc networks. The intrusion response engine is composed of a secure communication module, a local and a global response module. Its function is based on an innovative tree-based key agreement protocol while the intrusion detection engine is based on a class of neural networks called eSOM. The proposed intrusion response model and the tree-based protocol, it is based on, are analyzed concerning key secrecy while the intrusion detection engine is evaluated for MANET under different traffic conditions and mobility patterns. The results show a high detection rate for packet dropping attacks.; Comment: 8 pages, 9 figures, presented at MedHocNet07

An Intrusion Detection Architecture for Clustered Wireless Ad Hoc Networks

Sen, Jaydip
Fonte: Universidade Cornell Publicador: Universidade Cornell
Tipo: Artigo de Revista Científica
Publicado em 31/12/2010 Português
Relevância na Pesquisa
26.03%
Intrusion detection in wireless ad hoc networks is a challenging task because these networks change their topologies dynamically, lack concentration points where aggregated traffic can be analyzed, utilize infrastructure protocols that are susceptible to manipulation, and rely on noisy, intermittent wireless communications. Security remains a major challenge for these networks due their features of open medium, dynamically changing topologies, reliance on co-operative algorithms, absence of centralized monitoring points, and lack of clear lines of defense. In this paper, we present a cooperative, distributed intrusion detection architecture based on clustering of the nodes that addresses the security vulnerabilities of the network and facilitates accurate detection of attacks. The architecture is organized as a dynamic hierarchy in which the intrusion data is acquired by the nodes and is incrementally aggregated, reduced in volume and analyzed as it flows upwards to the cluster-head. The cluster-heads of adjacent clusters communicate with each other in case of cooperative intrusion detection. For intrusion related message communication, mobile agents are used for their efficiency in lightweight computation and suitability in cooperative intrusion detection. Simulation results show effectiveness and efficiency of the proposed architecture.; Comment: 6 pages...

A novel approach for security issues in VoIP networks in Virtualization with IVR

Shah, Kinjal; Ghrera, Satya Prakash; Thaker, Alok
Fonte: Universidade Cornell Publicador: Universidade Cornell
Tipo: Artigo de Revista Científica
Publicado em 08/06/2012 Português
Relevância na Pesquisa
35.7%
VoIP (Voice over Internet Protocol) is a growing technology during last decade. It provides the audio, video streaming facility on successful implementation in the network. However, it provides the text transport facility over the network. Due to implementation of it the cost effective solution, it can be developed for the intercommunication among the employees of a prestigious organization. The proposed idea has been implemented on the audio streaming area of the VoIP technology. In the audio streaming, the security vulnerabilities are possible on the VoIP server during communication between two parties. In the proposed model, first the VoIP system has been implemented with IVR (Interactive Voice Response) as a case study and with the implementation of the security parameters provided to the asterisk server which works as a VoIP service provider. The asterisk server has been configured with different security parameters like VPN server, Firewall iptable rules, Intrusion Detection and Intrusion Prevention System. Every parameter will be monitored by the system administrator of the VoIP server along with the MySQL database. The system admin will get every update related to the attacks on the server through Mail server attached to the asterisk server. The main beauty of the proposed system is VoIP server alone is configured as a VoIP server...

Intrusion-aware Alert Validation Algorithm for Cooperative Distributed Intrusion Detection Schemes of Wireless Sensor Networks

Shaikh, Riaz Ahmed; Jameel, Hassan; Auriol, Brian J. d; Lee, Heejo; Lee, Sungyoung; Song, Young-Jae
Fonte: Universidade Cornell Publicador: Universidade Cornell
Tipo: Artigo de Revista Científica
Publicado em 29/12/2009 Português
Relevância na Pesquisa
25.95%
Existing anomaly and intrusion detection schemes of wireless sensor networks have mainly focused on the detection of intrusions. Once the intrusion is detected, an alerts or claims will be generated. However, any unidentified malicious nodes in the network could send faulty anomaly and intrusion claims about the legitimate nodes to the other nodes. Verifying the validity of such claims is a critical and challenging issue that is not considered in the existing cooperative-based distributed anomaly and intrusion detection schemes of wireless sensor networks. In this paper, we propose a validation algorithm that addresses this problem. This algorithm utilizes the concept of intrusion-aware reliability that helps to provide adequate reliability at a modest communication cost. In this paper, we also provide a security resiliency analysis of the proposed intrusion-aware alert validation algorithm.; Comment: 19 pages, 7 figures

Intrusion detection mechanisms for VoIP applications

Nassar, Mohamed El Baker; State, Radu; Festor, Olivier
Fonte: Universidade Cornell Publicador: Universidade Cornell
Tipo: Artigo de Revista Científica
Publicado em 18/10/2006 Português
Relevância na Pesquisa
35.7%
VoIP applications are emerging today as an important component in business and communication industry. In this paper, we address the intrusion detection and prevention in VoIP networks and describe how a conceptual solution based on the Bayes inference approach can be used to reinforce the existent security mechanisms. Our approach is based on network monitoring and analyzing of the VoIP-specific traffic. We give a detailed example on attack detection using the SIP signaling protocol.

Distributed Intrusion Detection of Byzantine Attacks in Wireless Networks with Random Linear Network Coding

Chen, Jen-Yeu; Tseng, Yi-ying
Fonte: Universidade Cornell Publicador: Universidade Cornell
Tipo: Artigo de Revista Científica
Publicado em 11/03/2013 Português
Relevância na Pesquisa
35.59%
Network coding is an elegant technique where, instead of simply relaying the packets of information they receive, the nodes of a network are allowed to combine \emph{several} packets together for transmission and this technique can be used to achieve the maximum possible information flow in a network and save the needed number of packet transmissions. Moreover, in an energy-constraint wireless network such as Wireless Sensor Network (a typical type of wireless ad hoc network), applying network coding to reduce the number of wireless transmissions can also prolong the life time of sensor nodes. Although applying network coding in a wireless sensor network is obviously beneficial, due to the operation that one transmitting information is actually combination of multiple other information, it is possible that an error propagation may occur in the network. This special characteristic also exposes network coding system to a wide range of error attacks, especially Byzantine attacks. When some adversary nodes generate error data in the network with network coding, those erroneous information will be mixed at intermeidate nodes and thus corrupt all the information reaching a destination. Recent research efforts have shown that network coding can be combined with classical error control codes and cryptography for secure communication or misbehavior detection. Nevertheless...

Stochastic Games for Security in Networks with Interdependent Nodes

Nguyen, Kien C.; Alpcan, Tansu; Basar, Tamer
Fonte: Universidade Cornell Publicador: Universidade Cornell
Tipo: Artigo de Revista Científica
Publicado em 11/03/2010 Português
Relevância na Pesquisa
35.65%
This paper studies a stochastic game theoretic approach to security and intrusion detection in communication and computer networks. Specifically, an Attacker and a Defender take part in a two-player game over a network of nodes whose security assets and vulnerabilities are correlated. Such a network can be modeled using weighted directed graphs with the edges representing the influence among the nodes. The game can be formulated as a non-cooperative zero-sum or nonzero-sum stochastic game. However, due to correlation among the nodes, if some nodes are compromised, the effective security assets and vulnerabilities of the remaining ones will not stay the same in general, which leads to complex system dynamics. We examine existence, uniqueness, and structure of the solution and also provide numerical examples to illustrate our model.