. "2011-05-10+02:00"^^ . . "3"^^ . "Reh\u00E1k, Martin" . "Grill, Martin" . "3"^^ . . . . "Stiborek, Jan" . . "Brno" . "[674C9C028178]" . . . "Brno" . . . . "21230" . . . . "Strategic self-organization methods for intrusion detection systems" . . "RIV/68407700:21230/11:00181836!RIV12-MSM-21230___" . "13"^^ . "Strategic self-organization methods for intrusion detection systems" . "Strategic self-organization methods for intrusion detection systems"@en . "We present a self-adaptation mechanism for Network Intrusion Detection System which uses a game-theoretical mechanism to increase system robustness against targeted attacks on IDS adaptation. We model the adaptation process as a strategy selection in sequence of single stage, two player games. The key innovation of our approach is a secure runtime game definition and numerical solution and real-time use of game solutions for dynamic system reconfiguration. Our approach is suited for realistic environments where we typically lack any ground truth information regarding traffic legitimacy/maliciousness and where the significant portion of system inputs may be shaped by the attacker in order to render the system ineffective. Therefore, we rely on the concept of challenge insertion: we inject a small sample of simulated attacks into the unknown traffic and use the system response to these attacks to define the game structure and utility functions." . "Strategic self-organization methods for intrusion detection systems"@en . "RIV/68407700:21230/11:00181836" . . "232486" . . "978-80-7231-777-6" . . . "Proceedings of the Congerence Security and Protection of Information 2011" . "We present a self-adaptation mechanism for Network Intrusion Detection System which uses a game-theoretical mechanism to increase system robustness against targeted attacks on IDS adaptation. We model the adaptation process as a strategy selection in sequence of single stage, two player games. The key innovation of our approach is a secure runtime game definition and numerical solution and real-time use of game solutions for dynamic system reconfiguration. Our approach is suited for realistic environments where we typically lack any ground truth information regarding traffic legitimacy/maliciousness and where the significant portion of system inputs may be shaped by the attacker in order to render the system ineffective. Therefore, we rely on the concept of challenge insertion: we inject a small sample of simulated attacks into the unknown traffic and use the system response to these attacks to define the game structure and utility functions."@en . . . "P(ME10051), P(MEB111008), S" . "adaptation; game theory; security; intrusion detection"@en . . "Univerzita obrany" .