By Topic

Efficient defense strategies to minimize attackers' success probabilities in honeynet

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$31 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

3 Author(s)
Lin, F.Y.-S. ; Dept. of Inf. Manage., Nat. Taiwan Univ., Taipei, Taiwan ; Yu-Shun Wang ; Po-Hao Tsang

In this paper, we consider the problem of minimizing attackers' success probability in a protected network subject to attacker profile/behavior constraints and defender resource/strategy constraints. Compared with previous research, the following two enhancements are made. First, we no longer assume that perfect knowledge regarding the network topology and defense resource allocation is fully available for attackers (a worst case scenario for the defender). Second, all combinations of attacker classes can be considered, where each attacker class may be associated with any number of attributes, including ratio, intelligence/experience level, available attack resource and sophisticated attack strategies. The problem is modeled as a generic mathematical programming problem, and a novel two-phase solution approach, which well combines mathematical programming and simulation techniques, is proposed. More specifically, in the “Evaluation Phase”, efficient and effective simulations are conducted to evaluate the effectiveness of the current defense policy; whereas, in the “Defense Policy Enhancement Phase”, specially-proposed and easy-to-collect information from the “Objective Function Evaluation Phase” is adopted to calculate gradients of the decision variables. From computational experiments on honeynet, applicability and effectiveness of the proposed framework and algorithm are clearly demonstrated.

Published in:

Information Assurance and Security (IAS), 2010 Sixth International Conference on

Date of Conference:

23-25 Aug. 2010