Effective Network Defense Strategies against Malicious Attacks with Various Defense Mechanisms under Quality of Service Constraints

How to apply timely and effective defense strategies against attackers while maximizing system survivability is a critical issue for a defender. This paper mathematically models attack and defense scenarios, using various defensive mechanisms during both the planning and defending stages and under quality of service constraints. This model incorporates high degrees of randomness, as attackers are assumed to have incomplete information. Given such non-deterministic problems, this paper identifies the appropriate time for applying defense in depth or resource concentration strategy.

[1]  Fred Cohen Feature: Managing network security: Attack and defence strategies , 1999 .

[2]  Arun K. Sood,et al.  Incorruptible system self-cleansing for intrusion tolerance , 2006, 2006 IEEE International Performance Computing and Communications Conference.

[3]  Persi Diaconis,et al.  A Sequential Importance Sampling Algorithm for Generating Random Graphs with Prescribed Degrees , 2011, Internet Math..

[4]  Ross J. Anderson,et al.  Dynamic Topologies for Robust Scale-Free Networks , 2008, BIOWIRE.

[5]  Arun K. Sood,et al.  Closing cluster attack windows through server redundancy and rotations , 2006 .

[6]  J. Hirshleifer Conflict and rent-seeking success functions: Ratio vs. difference models of relative success , 1989 .

[7]  Vernon L. Smith,et al.  THE PARADOX OF POWER , 1991 .

[8]  Brian D. Noble,et al.  When Virtual Is Better Than Real , 2001 .

[9]  Brian D. Noble,et al.  When virtual is better than real [operating system relocation to virtual machines] , 2001, Proceedings Eighth Workshop on Hot Topics in Operating Systems.

[10]  H. Raghav Rao,et al.  Security protection design for deception and real system regimes: A model and analysis , 2010, Eur. J. Oper. Res..

[11]  Gregory Levitin,et al.  Protection vs. false targets in series systems , 2009, Reliab. Eng. Syst. Saf..

[12]  S. Skaperdas Contest success functions , 1996 .

[13]  Henry E. Schaffer,et al.  X as a Service, Cloud Computing, and the Need for Good Judgment , 2009, IT Prof..

[14]  Nancy R. Mead,et al.  Survivable Network Systems: An Emerging Discipline , 1997 .

[15]  Gregory Levitin,et al.  False targets efficiency in defense strategy , 2009, Eur. J. Oper. Res..