A Markov decision model for intruder location in IP networks

Author

Darling, T. ; Shayman, M.A.

Author_Institution

Dept. of Electr. & Comput. Eng., Maryland Univ., College Park, MD, USA

Volume

2

fYear

2000

fDate

2000

Firstpage

1858

Abstract

We consider the problem of locating an intruder in an IP domain using dynamic IPSec security associations as proposed in the DECIDUOUS project. We formulate this problem as a Markov decision process that evolves on the set of subtrees of a shortest path routing tree. For small domains, an optimal stationary policy can be determined by dynamic programming. For large domains, the use of neurodynamic programming as well as heuristic policies are examined. Our results indicate that under certain assumptions, a one-feature heuristic policy provides good performance

Keywords

Internet; Markov processes; computer network management; decision theory; dynamic programming; probability; security of data; transport protocols; trees (mathematics); DECIDUOUS project; IP networks; Markov decision model; dynamic IPSec security associations; heuristic policies; intruder location; large domains; neurodynamic programming; one-feature heuristic policy; optimal stationary policy; shortest path routing tree; small domains; subtrees; Computer hacking; Computer security; Dynamic programming; Educational institutions; IP networks; Intelligent networks; Neurodynamics; Postal services; Routing; Telecommunications;

fLanguage

English

Publisher

ieee

Conference_Titel

Decision and Control, 2000. Proceedings of the 39th IEEE Conference on

Conference_Location

Sydney, NSW

ISSN

0191-2216

Print_ISBN

0-7803-6638-7

Type

conf

DOI

10.1109/CDC.2000.912133

Filename

912133