Mehrandish, Mona (2006) Intrusion detection : a game theoretic approach. Masters thesis, Concordia University.
Preview |
Text (application/pdf)
3MBMR20779.pdf - Accepted Version |
Abstract
In this thesis, we consider the problems of detecting intrusions initiated by cooperative malicious nodes and multiple malicious packets initiated by a smart intruder. Detection is accomplished by sampling a subset of the transmitted packets over selected network links or router interfaces. Given a total sampling budget, our framework aims at developing a network packet sampling strategy to effectively reduce the success chances of an intruder. We consider two different scenarios: (1) A well informed intruder divides her attack over multiple packets in order to increase her chances of successfully intruding a target domain. (2) Different cooperating intruders distribute the attack among themselves each sending the attack fragments to the target node. Each of the packets containing a fragment of the attack is transmitted through a different path using multi-path routing, where each path is selected with a different probability. To the best of our knowledge, there has not been any work done for the case where the attack is split over multiple packets or distributed over cooperative intruders using game theory. We formulate the game theoretic problem, and develop optimal sampling schemes.
Divisions: | Concordia University > Gina Cody School of Engineering and Computer Science > Computer Science and Software Engineering |
---|---|
Item Type: | Thesis (Masters) |
Authors: | Mehrandish, Mona |
Pagination: | viii, 79 leaves : ill. ; 29 cm. |
Institution: | Concordia University |
Degree Name: | M. Comp. Sc. |
Program: | Computer Science and Software Engineering |
Date: | 2006 |
Thesis Supervisor(s): | Debbabi, Mourad and Assi, Chadi |
Identification Number: | LE 3 C66C67M 2006 M44 |
ID Code: | 8475 |
Deposited By: | Concordia University Library |
Deposited On: | 18 Aug 2011 18:26 |
Last Modified: | 13 Jul 2020 20:04 |
Related URLs: |
Repository Staff Only: item control page