Keeping Intruders at Large - A Graph-theoretic Approach to Reducing the Probability of Successful Network Intrusions

Paulo Shakarian; Damon Paulo; Massimiliano Albanese; Sushil Jajodia

doi:10.5220/0005013800190030

Keeping Intruders at Large - A Graph-theoretic Approach to Reducing the Probability of Successful Network Intrusions

Paulo Shakarian, Damon Paulo, Massimiliano Albanese, Sushil Jajodia

2014

Abstract

It is well known that not all intrusions can be prevented and additional lines of defense are needed to deal with intruders. However, most current approaches use honeynets relying on the assumption that simply attracting intruders into honeypots would thwart the attack. In this paper, we propose a different and more realistic approach, which aims at delaying intrusions, so as to control the probability that an intruder will reach a certain goal within a specified amount of time. Our method relies on analyzing a graphical representation of the computer network’s logical layout and an associated probabilistic model of the adversary’s behavior. We then artificially modify this representation by adding “distraction clusters” – collections of interconnected virtual machines – at key points of the network in order to increase complexity for the intruders and delay the intrusion. We study this problem formally, showing it to be NP-hard and then provide an approximation algo- rithm that exhibits several useful properties. Finally, we present experimental results obtained on a prototypal implementation of the proposed framework.

Download

Paper Citation

in Harvard Style

Shakarian P., Paulo D., Albanese M. and Jajodia S. (2014). Keeping Intruders at Large - A Graph-theoretic Approach to Reducing the Probability of Successful Network Intrusions . In Proceedings of the 11th International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2014) ISBN 978-989-758-045-1, pages 19-30. DOI: 10.5220/0005013800190030

in Bibtex Style

@conference{secrypt14,
author={Paulo Shakarian and Damon Paulo and Massimiliano Albanese and Sushil Jajodia},
title={Keeping Intruders at Large - A Graph-theoretic Approach to Reducing the Probability of Successful Network Intrusions},
booktitle={Proceedings of the 11th International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2014)},
year={2014},
pages={19-30},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0005013800190030},
isbn={978-989-758-045-1},
}

in EndNote Style

TY - CONF
JO - Proceedings of the 11th International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2014)
TI - Keeping Intruders at Large - A Graph-theoretic Approach to Reducing the Probability of Successful Network Intrusions
SN - 978-989-758-045-1
AU - Shakarian P.
AU - Paulo D.
AU - Albanese M.
AU - Jajodia S.
PY - 2014
SP - 19
EP - 30
DO - 10.5220/0005013800190030