Stochastic Tools for Network Intrusion Detection

Abstract: With the rapid development of Internet and the sharp increase of network crime, network security has become very important and received a lot of attention. We model security issues as stochastic systems. This allows us to find weaknesses in existing security systems and propose new solutions. Exploring the vulnerabilities of existing security tools can prevent cyber-attacks from taking advantages of the system weaknesses. We propose a hybrid network security scheme including intrusion detection systems (IDSs) … Show more

“…From defender's perspective, Miehling et al in [10] have adopted POMDP to optimally interfere the attacker's progression; Hu et al in [7] have also modeled the defense problem with POMDP and proposed online algorithm for adaptive defense measure. Yu and Brooks [22] have applied POMDP and its approximation solution as a stochastic tool for network intrusion detection. On the other hand, Sarraute et al [17] in an attacker's view have introduced POMDP in attack planning issue of penetration testing.…”

Deceptive Kernel Function on Observations of Discrete POMDP

“…From defender's perspective, Miehling et al in [10] have adopted POMDP to optimally interfere the attacker's progression; Hu et al in [7] have also modeled the defense problem with POMDP and proposed online algorithm for adaptive defense measure. Yu and Brooks [22] have applied POMDP and its approximation solution as a stochastic tool for network intrusion detection. On the other hand, Sarraute et al [17] in an attacker's view have introduced POMDP in attack planning issue of penetration testing.…”

Deceptive Kernel Function on Observations of Discrete POMDP