Sciweavers

CDC 2009, IEEE

Dynamic policy-based IDS configuration

An intrusion detection system (IDS) is an important security enforcement tool in modern networked information systems. Obtaining an optimal IDS configuration for effective detection of attacks is far from trivial. There exists a tradeoff between security enforcement levels and the performance of information systems. It is critical to configure an IDS in a dynamic and iterative fashion to balance the security overhead and system performance. In this paper, we use noncooperative game approaches to address this problem. We first build a fundamental game framework to model the zero-sum interactions between the detector and the attacker. Building on this platform, we then formulate a stochastic game model in which the transitions between system states are determined by the actions chosen by both players. An optimal policy-based configuration can be found by minimizing a discounted cost criterion, using an iterative method. In addition, we propose a Q-learning algorithm to find the optimal game...
Quanyan Zhu, Tamer Basar
Added: 08 Nov 2010
Updated: 08 Nov 2010
Type: Conference
Year: 2009
Where: CDC