Near Optimal Defense Strategies to Minimize Attackers’ Success Probabilities for Networks of Honeypots
Date Issued
2009
Date
2009
Author(s)
Wang, Yu-Shun
Abstract
Since the attack level and tactics of network systems grow with each passing day. Network systems are usually simultaneously attacked by different types of attackers. Therefore, the most important issue for defenders is to evaluate the system survivability under this scenario. Besides, from the view point of attackers, they usually only have partial information of the targeted system. In other words, they only have “imperfect knowledge”. As a result, a mechanism which is capable to distract attackers and waste their budget is emerged. This defense technique, called honeypot, can not only assist defender to learn attack strategy and record system vulnerabilities attackers used but also allows defender to understand system vulnerabilities. Therefore, whole system compromised probability is reduced. In other words, survivability is raised.n this thesis, we model the attack defense scenario as a mathematical programming problem that describes attackers’ success probability. The optimal defense resource allocation is discovered by evaluation process. This approach applies a serious of evaluations and policy enhancements gradually improve the quality of solution. For each round, we derive the most appropriate direction to amend and continually enhance the allocation scheme to achieve optimal solution. Besides, this approach can be applied to solve problems with imperfect knowledge property. Through appropriate scenario description and randomness involved, the problem can be closer to realistic, thus enhance the positive benefits effectively for the defenders.
Subjects
Network Attack and Defense
Network Survivability
Optimization, Resource Allocation
Mathematical Programming
Honeypots
Imperfect Knowledge
File(s)![Thumbnail Image]()
Loading...
Name
ntu-98-R96725025-1.pdf
Size
23.32 KB
Format
Adobe PDF
Checksum
(MD5):93377605f56c8c43b9f2138708f0beb3