Maintaining defender's reputation in anomaly detection against insider attacks.

Authors

Zhang Nan, Yu Wei, Fu Xinwen, Das Sajal K

Affiliation

Department of Computer Science, George Washington University, Washington, DC 20052, USA.

Publication information

IEEE Trans Syst Man Cybern B Cybern. 2010 Jun;40(3):597-611. doi: 10.1109/TSMCB.2009.2033564. Epub 2009 Nov 24.

DOI: 10.1109/TSMCB.2009.2033564
PMID: 19933017

Abstract

We address issues related to establishing a defender's reputation in anomaly detection against two types of attackers: 1) smart insiders, who learn from historic attacks and adapt their strategies to avoid detection/punishment, and 2) naïve attackers, who blindly launch their attacks without knowledge of the history. In this paper, we propose two novel algorithms for reputation establishment--one for systems solely consisting of smart insiders and the other for systems in which both smart insiders and naïve attackers are present. The theoretical analysis and performance evaluation show that our reputation-establishment algorithms can significantly improve the performance of anomaly detection against insider attacks in terms of the tradeoff between detection and false positives.


Similar articles

1. Maintaining defender's reputation in anomaly detection against insider attacks.
   IEEE Trans Syst Man Cybern B Cybern. 2010 Jun;40(3):597-611. doi: 10.1109/TSMCB.2009.2033564. Epub 2009 Nov 24.
2. Modeling arbitrary layers of continuous-level defenses in facing with strategic attackers.
   Risk Anal. 2011 Apr;31(4):533-47. doi: 10.1111/j.1539-6924.2010.01531.x. Epub 2010 Nov 24.
3. An integrated pattern recognition approach for intrusion detection.
   Biomed Sci Instrum. 2002;38:447-52.
4. Cyber situation awareness: modeling detection of cyber attacks with instance-based learning theory.
   Hum Factors. 2013 Jun;55(3):605-18. doi: 10.1177/0018720812464045.
5. Attack and flee: game-theory-based analysis on interactions among nodes in MANETs.
   IEEE Trans Syst Man Cybern B Cybern. 2010 Jun;40(3):612-22. doi: 10.1109/TSMCB.2009.2035929. Epub 2009 Dec 22.
6. AdaBoost-based algorithm for network intrusion detection.
   IEEE Trans Syst Man Cybern B Cybern. 2008 Apr;38(2):577-83. doi: 10.1109/TSMCB.2007.914695.
7. A novel method for strategy acquisition and its application to a double-auction market game.
   IEEE Trans Syst Man Cybern B Cybern. 2010 Jun;40(3):668-74. doi: 10.1109/TSMCB.2009.2034731. Epub 2009 Nov 10.
8. Special issue on game theory.
   IEEE Trans Syst Man Cybern B Cybern. 2010 Jun;40(3):554-8. doi: 10.1109/TSMCB.2010.2042108.
9. Modeling Adversaries in Counterterrorism Decisions Using Prospect Theory.
   Risk Anal. 2016 Apr;36(4):681-93. doi: 10.1111/risa.12254. Epub 2014 Jul 14.
10. Intrusion detection using rough set classification.
    J Zhejiang Univ Sci. 2004 Sep;5(9):1076-86. doi: 10.1631/jzus.2004.1076.

Cited by

1. Tracking the Insider Attacker: A Blockchain Traceability System for Insider Threats.
   Sensors (Basel). 2020 Sep 16;20(18):5297. doi: 10.3390/s20185297.
2. Towards an Iterated Game Model with Multiple Adversaries in Smart-World Systems.
   Sensors (Basel). 2018 Feb 24;18(2):674. doi: 10.3390/s18020674.