Maintaining Defender's Reputation in Anomaly Detection Against Insider Attacks

Cited by: 26
Authors
Zhang, Nan [1]
Yu, Wei [2]
Fu, Xinwen [3]
Das, Sajal K. [4]
Affiliations
[1] George Washington Univ, Dept Comp Sci, Washington, DC 20052 USA
[2] Towson Univ, Dept Comp & Informat Sci, Towson, MD 21252 USA
[3] Univ Massachusetts, Dept Comp Sci, Lowell, MA 01854 USA
[4] Univ Texas Arlington, Dept Comp Sci & Engn, Arlington, TX 76019 USA
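Source
IEEE TRANSACTIONS ON SYSTEMS MAN AND CYBERNETICS PART B-CYBERNETICS | 2010 / Vol. 40 / Issue 03
Funding
National Science Foundation (USA)
Keywords
Anomaly detection; game theory; insider attack; SECURITY
DOI
10.1109/TSMCB.2009.2033564
Chinese Library Classification number
TP [Automation technology, computer technology]
Discipline classification code
0812
Abstract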
We address issues related to establishing a defender's reputation in anomaly detection against two types of attackers: 1) smart insiders, who learn from historic attacks and adapt their strategies to avoid detection/punishment, and 2) naive attackers, who blindly launch their attacks without knowledge of the history. In this paper, we propose two novel algorithms for reputation establishment: one for systems solely consisting of smart insiders and the other for systems in which both smart insiders and naive attackers are present. The theoretical analysis and performance evaluation show that our reputation-establishment algorithms can significantly improve the performance of anomaly detection against insider attacks in terms of the tradeoff between detection and false positives.
Pages: 597-611
Page count: 15