Intrusion detection response model based on cost-analysis
Abstract: Applying game theory and information security techniques, and considering the decision interdependence of the players, a game model of intrusion response based on cost analysis is presented. The study derives the optimal strategies of both players under a deployed security technology, the Intrusion Detection System (IDS), discusses the Nash equilibrium solutions, and verifies the rationality of the model through cost analysis from both the theoretical and the empirical aspects. To address the problem that existing intrusion response systems respond without considering cost, damage cost and response cost are introduced into the model. By comparing the two kinds of cost, the conditional cost under which the system administrator responds is analyzed, and an adaptive intrusion response strategy that the system administrator can adjust flexibly is given. This method further illustrates the system administrator's response policy in actual decision making, improves the security of the information system and its ability to resist attacks, avoids unnecessary waste of resources, and achieves a balance between information protection and resource availability.
Key words:
- game theory
- security of data
- intrusion detection
- intrusion response
- cost analysis