Title :
Towards Effective Defense Against Insider Attacks: The Establishment of Defender's Reputation
Author :
Zhang, Nan ; Yu, Wei ; Fu, Xinwen ; Das, Sajal K.
Abstract :
We address issues related to the establishment of defender's reputation in anomaly detection against insider attacks. We consider two types of attackers: smart insiders, which learn from historic attacks and adapt their strategies to avoid detection/punishment, and naive attackers, which blindly launch their attacks. We introduce two novel reputation-establishment algorithms for systems with solely smart insiders and systems with both smart insiders and naive attackers, respectively. Theoretical analysis and simulation results show that our reputation-establishment algorithms can significantly improve the performance of anomaly detection against insider attacks in terms of the tradeoff between detection and false positives.
Keywords :
security of data; anomaly detection; defender reputation establishment algorithm; learning; naive attacker; smart insider attack; Algorithm design and analysis; Analytical models; Change detection algorithms; Computer security; Costs; Game theory; Intrusion detection; Mobile ad hoc networks; Performance analysis; Surges;
Conference_Title :
Parallel and Distributed Systems, 2008. ICPADS '08. 14th IEEE International Conference on
Conference_Location :
Melbourne, VIC
Print_ISBN :
978-0-7695-3434-3
DOI :
10.1109/ICPADS.2008.85