Title :
A Markov decision model for intruder location in IP networks
Author :
Darling, T. ; Shayman, M.A.
Author_Institution :
Dept. of Electr. & Comput. Eng., Maryland Univ., College Park, MD, USA
Abstract :
We consider the problem of locating an intruder in an IP domain using dynamic IPSec security associations as proposed in the DECIDUOUS project. We formulate this problem as a Markov decision process that evolves on the set of subtrees of a shortest path routing tree. For small domains, an optimal stationary policy can be determined by dynamic programming. For large domains, the use of neurodynamic programming as well as heuristic policies are examined. Our results indicate that under certain assumptions, a one-feature heuristic policy provides good performance
Keywords :
Internet; Markov processes; computer network management; decision theory; dynamic programming; probability; security of data; transport protocols; trees (mathematics); DECIDUOUS project; IP networks; Markov decision model; dynamic IPSec security associations; heuristic policies; intruder location; large domains; neurodynamic programming; one-feature heuristic policy; optimal stationary policy; shortest path routing tree; small domains; subtrees; Computer hacking; Computer security; Dynamic programming; Educational institutions; IP networks; Intelligent networks; Neurodynamics; Postal services; Routing; Telecommunications;
Conference_Titel :
Decision and Control, 2000. Proceedings of the 39th IEEE Conference on
Conference_Location :
Sydney, NSW
Print_ISBN :
0-7803-6638-7
DOI :
10.1109/CDC.2000.912133
