A Stochastic Game Theoretic Approach to Attack Prediction and Optimal Active Defense Strategy Decision

Author

Jiang, Wei ; Tian, Zhi-hong ; Zhang, Hong-Li ; Song, Xin-fang

Author_Institution

Harbin Inst. of Technol., Harbin

fYear

2008

fDate

6-8 April 2008

Firstpage

648

Lastpage

653

Abstract

This paper presents a stochastic game theoretic approach to analyzing attack prediction and the active defense of computer networks. A Markov chain for privilege (MCP) model to predict attacker´s behavior and strategies is proposed. We regard the interactions between an attacker and the defender as a two-player, non-cooperative, zero-sum, finite stochastic game and formulate an attack-defense stochastic game (ADSG) model for the game. An attack strategies prediction and optimal active defense strategy decision algorithm is developed using the ADSG and cost-sensitive model. Optimal defense strategies with minimizing costs are used to defend the attack and harden the network in advance. Finally, a simple example of an attack against a network is modeled and analyzed.

Keywords

Markov processes; computer networks; security of data; stochastic games; Markov chain; attack prediction; attack-defense stochastic game model; computer networks; optimal active defense strategy decision; privilege model; Computer networks; Computer security; Cost function; Game theory; Information security; Intrusion detection; Predictive models; Protection; Stochastic processes; Taxonomy;

fLanguage

English

Publisher

ieee

Conference_Titel

Networking, Sensing and Control, 2008. ICNSC 2008. IEEE International Conference on

Conference_Location

Sanya

Print_ISBN

978-1-4244-1685-1

Electronic_ISBN

978-1-4244-1686-8

Type

conf

DOI

10.1109/ICNSC.2008.4525297

Filename

4525297