Proactive Intrusion Detection

Liebald, Benjamin; Roth, Dan; Shah, Neelay; Srikumar, Vivek

Proactive Intrusion Detection

Benjamin Liebald, Dan Roth, Neelay Shah, Vivek Srikumar

AAAI 2008 pp. 772-777

/aaai/2008/liebald2008aaai-proactive/

Abstract

Machine learning systems are deployed in many adversarial conditions like intrusion detection, where a classifier has to decide whether a sequence of actions come from a legitimate user or not. However, the attacker, being an adversarial agent, could reverse engineer the classifier and successfully masquerade as a legitimate user. In this paper, we propose the notion of a Proactive Intrusion Detection System (IDS) that can counter such attacks by incorporating feedback into the process. A proactive IDS influences the user's actions and observes them in different situations to decide whether the user is an intruder. We present a formal analysis of proactive intrusion detection and extend the adversarial relationship between the IDS and the attacker to present a game theoretic analysis. Finally, we present experimental results on real and synthetic data that confirm the predictions of the analysis.

PDF AAAI Semantic Scholar

Cite

Text

Liebald et al. "Proactive Intrusion Detection." AAAI Conference on Artificial Intelligence, 2008.

Markdown

[Liebald et al. "Proactive Intrusion Detection." AAAI Conference on Artificial Intelligence, 2008.](https://mlanthology.org/aaai/2008/liebald2008aaai-proactive/)

BibTeX

@inproceedings{liebald2008aaai-proactive,
  title     = {{Proactive Intrusion Detection}},
  author    = {Liebald, Benjamin and Roth, Dan and Shah, Neelay and Srikumar, Vivek},
  booktitle = {AAAI Conference on Artificial Intelligence},
  year      = {2008},
  pages     = {772-777},
  url       = {https://mlanthology.org/aaai/2008/liebald2008aaai-proactive/}
}