Effective Discovery of Intrusion Protection Strategies

  • Conference paper
Autonomous Intelligent Systems: Agents and Data Mining (AIS-ADM 2005)

Part of the book series: Lecture Notes in Computer Science (LNAI, volume 3505)

Abstract

The effectiveness of discovering strategy knowledge is studied for problems where the space of solution hypotheses is specified by game trees and target solutions are discovered by methods capable of systematically acquiring expert knowledge about them. A version of Botvinnik’s Intermediate Goals At First algorithm is developed for strategy formation based on common knowledge planning and dynamic testing of the plans in the corresponding game tree. Applied to the intrusion protection problem, the algorithm, for a range of types of knowledge in the form of goals and rules, demonstrates a strong tendency toward increased efficiency of strategy formation as the amount of knowledge available to the system increases.

Copyright information

© 2005 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Pogossian, E., Javadyan, A., Ivanyan, E. (2005). Effective Discovery of Intrusion Protection Strategies. In: Gorodetsky, V., Liu, J., Skormin, V.A. (eds) Autonomous Intelligent Systems: Agents and Data Mining. AIS-ADM 2005. Lecture Notes in Computer Science, vol 3505. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11492870_21

  • DOI: https://doi.org/10.1007/11492870_21

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-26164-3

  • Online ISBN: 978-3-540-31932-0

  • eBook Packages: Computer Science (R0)
