Maintaining Defender's Reputation in Anomaly Detection Against Insider Attacks

Cited by: 26
Authors
Zhang, Nan [1]
Yu, Wei [2]
Fu, Xinwen [3]
Das, Sajal K. [4]
Affiliations
[1] George Washington Univ, Dept Comp Sci, Washington, DC 20052 USA
[2] Towson Univ, Dept Comp & Informat Sci, Towson, MD 21252 USA
[3] Univ Massachusetts, Dept Comp Sci, Lowell, MA 01854 USA
[4] Univ Texas Arlington, Dept Comp Sci & Engn, Arlington, TX 76019 USA
Source
IEEE TRANSACTIONS ON SYSTEMS MAN AND CYBERNETICS PART B-CYBERNETICS | 2010 / Vol. 40 / No. 03
Funding
U.S. National Science Foundation;
Keywords
Anomaly detection; game theory; insider attack; SECURITY;
DOI
10.1109/TSMCB.2009.2033564
Chinese Library Classification (CLC) number
TP [Automation technology, computer technology];
Discipline classification code
0812;
Abstract
We address issues related to establishing a defender's reputation in anomaly detection against two types of attackers: 1) smart insiders, who learn from historic attacks and adapt their strategies to avoid detection/punishment, and 2) naive attackers, who blindly launch their attacks without knowledge of the history. In this paper, we propose two novel algorithms for reputation establishment: one for systems solely consisting of smart insiders and the other for systems in which both smart insiders and naive attackers are present. The theoretical analysis and performance evaluation show that our reputation-establishment algorithms can significantly improve the performance of anomaly detection against insider attacks in terms of the tradeoff between detection and false positives.
Pages: 597 / 611
Number of pages: 15
Related papers
  • [1] Towards Effective Defense Against Insider Attacks: The Establishment of Defender's Reputation
    Zhang, Nan
    Yu, Wei
    Fu, Xinwen
    Das, Sajal K.
    PROCEEDINGS OF THE 2008 14TH IEEE INTERNATIONAL CONFERENCE ON PARALLEL AND DISTRIBUTED SYSTEMS, 2008, : 501 - +
  • [2] Alarm Based Anomaly Detection of Insider Attacks in SCADA System
    Nasr, Payam Mahmoudi
    Varjani, Ali Yazdian
    2014 SMART GRID CONFERENCE (SGC), 2014,
  • [3] Detection of Insider Attacks Against Interior Routing Protocols
    Klimovski, Dragi
    Fox, Coen
    Branch, Philip
    2019 10TH INTERNATIONAL CONFERENCE ON INFORMATION AND COMMUNICATION TECHNOLOGY CONVERGENCE (ICTC): ICT CONVERGENCE LEADING THE AUTONOMOUS FUTURE, 2019, : 549 - 554
  • [4] Anomaly Detection Techniques for Database Protection Against Insider Threats
    Sallam, Asmaa
    Xiao, Qian
    Bertino, Elisa
    Fadolalkarim, Daren
    PROCEEDINGS OF 2016 IEEE 17TH INTERNATIONAL CONFERENCE ON INFORMATION REUSE AND INTEGRATION (IEEE IRI), 2016, : 20 - 29
  • [5] Inter-slice Defender: An Anomaly Detection Solution for Distributed Slice Mobility Attacks
    Molina, Ricardo Misael Ayala
    Wehbe, Nathalie
    Alameddine, Hyame Assem
    Pourzandi, Makan
    Assi, Chadi
    2024 23RD IFIP NETWORKING CONFERENCE, IFIP NETWORKING 2024, 2024, : 432 - 440
  • [6] Defending against speculative attacks: The policy maker's reputation
    Huang, Chong
    JOURNAL OF ECONOMIC THEORY, 2017, 171 : 1 - 34
  • [7] Anomaly Detection for Insider Attacks From Untrusted Intelligent Electronic Devices in Substation Automation Systems
    Wang, Xuelei
    Fidge, Colin
    Nourbakhsh, Ghavameddin
    Foo, Ernest
    Jadidi, Zahra
    Li, Calvin
    IEEE ACCESS, 2022, 10 : 6629 - 6649
  • [8] On Resilience Studies of System Detection and Recovery Techniques against Stealthy Insider Attacks
    Wei, Sixiao
    Zhang, Hanlin
    Chen, Genshe
    Shen, Dan
    Yu, Wei
    Pham, Khanh D.
    Blasch, Erik P.
    Cruz, Jose B.
    SENSORS AND SYSTEMS FOR SPACE APPLICATIONS IX, 2016, 9838
  • [9] A New Approach for Detection of Insider Attacks
    Sen, Sevil
    2013 21ST SIGNAL PROCESSING AND COMMUNICATIONS APPLICATIONS CONFERENCE (SIU), 2013,
  • [10] Adversarial Machine Learning Attacks Against Video Anomaly Detection Systems
    Mumcu, Furkan
    Doshi, Keval
    Yilmaz, Yasin
    2022 IEEE/CVF CONFERENCE ON COMPUTER VISION AND PATTERN RECOGNITION WORKSHOPS, CVPRW 2022, 2022, : 205 - 212