Security Decision Making Based on Domain Partitional Markov Decision Process

Author

Hu He ; Yao Shuping ; Peng Wu

Author_Institution

Lab. for Comput. Network Defense Technol., Beijing Inst. of Technol., Beijing, China

fYear

2009

fDate

19-20 Dec. 2009

Firstpage

1

Lastpage

4

Abstract

The research proposed an approach that based on domain partitional Markov decision process to make decisions about the protection and defense against cyber attacks. We partitioned the network into several security domains. Markov decision models were made in each domain, with each state established by situational awareness. Strategy sets were set according to the system states. Cost-benefit factors were considered comprehensively to calculate the rewards of countermeasures. On one hand, domain partition overcame the deficiency of control granularity; on the other hand the payoffs of the counter-measures were calculated comprehensively. The experimental results show that the model can effectively improve the accuracy and effectiveness of network defense.

Keywords

Markov processes; computer network security; decision making; decision theory; Markov decision models; cost-benefit factors; cyber attacks; domain partitional Markov decision process; network defense; security decision making; situational awareness; Bayesian methods; Computer networks; Computer security; Decision making; Fuses; Game theory; Helium; Information security; Nash equilibrium; Protection;

fLanguage

English

Publisher

ieee

Conference_Titel

Information Engineering and Computer Science, 2009. ICIECS 2009. International Conference on

Conference_Location

Wuhan

Print_ISBN

978-1-4244-4994-1

Type

conf

DOI

10.1109/ICIECS.2009.5365272

Filename

5365272