Towards effective defense against insider attacks: The establishment of defender's reputation

Nan Zhang, Wei Yu, Xinwen Fu, Sajal K. Das

Research output: Contribution to journalConference article

2 Scopus citations

Abstract

We address issues related to the establishment of defender's reputation in anomaly detection against insider attacks. We consider two types of attackers: smart insiders, which learn from historic attacks and adapt their strategies to avoid detection/punishment, and naïve attackers, which blindly launch their attacks. We introduce two novel reputation-establishment algorithms for systems with solely smart insiders and systems with both smart insiders and naïve attackers, respectively. Theoretical analysis and simulation results show that our reputation-establishment algorithms can significantly improve the performance of anomaly detection against insider attacks in terms of the tradeoff between detection and false positives.

Original languageEnglish (US)
Article number4724358
Pages (from-to)501-508
Number of pages8
JournalProceedings of the International Conference on Parallel and Distributed Systems - ICPADS
DOIs
StatePublished - Dec 1 2008
Event2008 14th IEEE International Conference on Parallel and Distributed Systems, ICPADS'08 - Melbourne, VIC, Australia
Duration: Dec 8 2008Dec 10 2008

All Science Journal Classification (ASJC) codes

  • Hardware and Architecture

Fingerprint Dive into the research topics of 'Towards effective defense against insider attacks: The establishment of defender's reputation'. Together they form a unique fingerprint.

  • Cite this