دانشجوی رياضی دانشگاه تهران

A game-based intrusion detection mechanism to confront internal attackers

Insiders might threaten organizations’ systems any time. By interacting with a system, an

insider plays games with the security mechanisms employed to protect it. We apply game

theory to model these interactions in an extensive form game that is being played

repeatedly with an Intrusion Detection System (IDS). The outcomes of the game are

quantified by first specifying players’ preferences, and then, by using the von Neumanne-Morgenst

utility function, to assign numbers that reflect these preferences

Examining players’ best responses, the solution of the game follows by locating all the

Nash Equilibria (NE). We extend the NE notion to the logit Quantal Response Equilibrium

QRE), to capture players’ bounded rationality and model insider’s behavior. The QRE)

results are more realistic, and show that the solution of the game might be significantly

different than the corresponding NE solution. Thus, we determine how an insider will

interact in the future, and how an IDS will react to protect the system. To easily exploit QRE

results in ID, we propose the use of a detection mechanism. To present a possible implementation

scheme of the detection mechanism, we give the application model and

a detailed game-based detection algorithm

Keywords: Intrusion detection , Internal attacker ,Non-cooperative game theory ,

Repeated game ,Quantal response equilibrium , Detection mechanism

دراین سمینار سعی می کنیم تا یکی از جدیدترین شیو های شناسایی نفوذ به شبکه  را با استفاده از

تعادل نش ، پارتو   و  QER برای شما دوستان بیان کنیم.

در اینجا از تمامی علاقه مندان برای شرکت در این سیمنار دعوت به عمل می آوریم.

تیم ارائه : سیامک نادری - محمد حسین شجاع الدین - عماد بهرامی -علی درویش - علی افضل زاده

سخنران  : سیامک نادری -  محمد حسین شجاع الدین

ساعت 13 الی 14:30

کلاس 201 

دانشکده ریاضی ،آمار وعلوم کامپیوتر  دانشگاه تهران