Mehrandish, Mona (2006) Intrusion detection : a game theoretic approach. Masters thesis, Concordia University.
- Accepted Version
In this thesis, we consider the problems of detecting intrusions initiated by cooperative malicious nodes and multiple malicious packets initiated by a smart intruder. Detection is accomplished by sampling a subset of the transmitted packets over selected network links or router interfaces. Given a total sampling budget, our framework aims at developing a network packet sampling strategy to effectively reduce the success chances of an intruder. We consider two different scenarios: (1) A well informed intruder divides her attack over multiple packets in order to increase her chances of successfully intruding a target domain. (2) Different cooperating intruders distribute the attack among themselves each sending the attack fragments to the target node. Each of the packets containing a fragment of the attack is transmitted through a different path using multi-path routing, where each path is selected with a different probability. To the best of our knowledge, there has not been any work done for the case where the attack is split over multiple packets or distributed over cooperative intruders using game theory. We formulate the game theoretic problem, and develop optimal sampling schemes.
|Divisions:||Concordia University > Faculty of Engineering and Computer Science > Computer Science and Software Engineering|
|Item Type:||Thesis (Masters)|
|Pagination:||viii, 79 leaves : ill. ; 29 cm.|
|Degree Name:||M. Comp. Sc.|
|Program:||Computer Science and Software Engineering|
|Thesis Supervisor(s):||Debbabi, Mourad and Assi, Chadi|
|Deposited By:||Concordia University Libraries|
|Deposited On:||18 Aug 2011 18:26|
|Last Modified:||18 Aug 2011 19:28|
Repository Staff Only: item control page