A Learning-Based Approach to Reactive Security

A Learning-Based Approach to Reactive Security

Despite the conventional wisdom that proactive security is superior to reactive security, we show that reactive security can be competitive with proactive security as long as the reactive defender learns from past attacks instead of myopically overreacting to the last attack. Our game-theoretic mode...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Veröffentlicht in:IEEE transactions on dependable and secure computing 2012-07, Vol.9 (4), p.482-493
Hauptverfasser: Barth, A., Rubinstein, B. I. P., Sundararajan, M., Mitchell, J. C., Song, D., Bartlett, P. L.
Format: Artikel
Sprache:eng
Schlagworte:
adversarial learning
Algorithms
Artificial intelligence
attack graphs
Computation
Credit cards
Game theory
Games
Incentives
Learning theory
Mathematical models
On-line systems
Online
online learning
Reactive security
Resource management
Risk management
Security
Security management
Servers
Strategy
Studies
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:Despite the conventional wisdom that proactive security is superior to reactive security, we show that reactive security can be competitive with proactive security as long as the reactive defender learns from past attacks instead of myopically overreacting to the last attack. Our game-theoretic model follows common practice in the security literature by making worst case assumptions about the attacker: we grant the attacker complete knowledge of the defender's strategy and do not require the attacker to act rationally. In this model, we bound the competitive ratio between a reactive defense algorithm (which is inspired by online learning theory) and the best fixed proactive defense. Additionally, we show that, unlike proactive defenses, this reactive strategy is robust to a lack of information about the attacker's incentives and knowledge.
ISSN:1545-5971
1941-0018
DOI:10.1109/TDSC.2011.42