Sciweavers

Share
INFOCOM
2003
IEEE

Detecting Network Intrusions via Sampling: A Game Theoretic Approach

8 years 10 months ago
Detecting Network Intrusions via Sampling: A Game Theoretic Approach
In this paper, we consider the problem of detecting an intruding packet in a communication network. Detection is accomplished by sampling a portion of the packets transiting selected network links (or router interfaces). Since sampling entails incurring network costs for real-time packet sampling and packet examination hardware, we would like to develop a network packet sampling strategy to effectively detect network intrusions while not exceeding a given total sampling budget. We consider this problem in a game theoretic framework, where the intruder picks paths (or the network ingress point if only shortest path routing is possible) to minimize chances of detection and where the network operator chooses a sampling strategy to maximize the chances of detection. We formulate the game theoretic problem, and develop sampling schemes that are optimal in this game theoretic setting.
Murali S. Kodialam, T. V. Lakshman
Added 04 Jul 2010
Updated 04 Jul 2010
Type Conference
Year 2003
Where INFOCOM
Authors Murali S. Kodialam, T. V. Lakshman
Comments (0)
books