Abstract
In this paper we focus on proving that the linear programming model for detecting new user-to-root (U2R) attacks presented by Beghdad [1] can also be modeled using game theory (GT). To do so, we transform the whole linear model of [1] into a game theory model, and we use the KDD99 dataset [2] (http://www.kdd.ics.uci.edu/databases/kddcup99/kddcup99.html) to show that we obtain the same detection rates (DRs). In [1], the author formulated the problem of intrusion detection as a linear programming system (LPS) that tests whether an unknown behavior is close enough to a known behavior (attack or normal) to conclude that it belongs to the same class. Simulation results show that we obtain exactly the same results as those reported in [1], and that our approach outperforms a set of recent approaches focusing on U2R attack detection.
References
Beghdad, R.: Efficient deterministic method for detecting new U2R attacks. Comput. Commun. 32(6), 1104–1110 (2009)
KDD Data Set: Available from http://www.kdd.ics.uci.edu/databases/kddcup99/kddcup99.html (1999)
Lee, J.H., Lee, J.H., Sohn, S.G., Ryu, J.H., Chung, T.M.: Effective value of decision tree with KDD 99 intrusion detection datasets for intrusion detection system. In: 10th IEEE International Conference in Advanced Communication Technology, 2008. ICACT 2008, vol. 2, pp. 1170–1175 (2008)
Kukiełka, P., Kotulski, Z.: Analysis of neural networks usage for detection of a new attack in IDS. In: Annales UMCS, Informatica, vol. 10(1), pp. 51–59. Versita, Warsaw (2010)
Goel, R., Sardana, A., Joshi, R.C.: Parallel misuse and anomaly detection model. Int. J. Netw. Secur. 14(4), 211–222 (2012)
Horng, S.J., Su, M.Y., Chen, Y.H., Kao, T.W., Chen, R.J., Lai, J.L., Perkasa, C.D.: A novel intrusion detection system based on hierarchical clustering and support vector machines. Expert Syst. Appl. 38(1), 306–313 (2011)
Feng, W., Zhang, Q., Hu, G., et al.: Mining network data for intrusion detection through combining SVMs with ant colony networks. Future Gener. Comput. Syst. 37, 127–140 (2013)
Agravat, D., Vaishnav, U., Swadas, P.B.: Modified ant miner for intrusion detection. In: 2010 Second International Conference on Machine Learning and Computing (ICMLC), pp. 228–232. IEEE (2010)
Kemiche, M., Beghdad, R.: CAC-UA: a communicating ant for clustering to detect unknown attacks. IEEE (SAI) 2014, pp. 515–522. London, UK (2014)
Jamdagni, A., Tan, Z., He, X., Nanda, P., Liu, R.P.: RePIDS: A multi tier real-time payload-based intrusion detection system. Comput. Netw. (2013)
Shen, D., Chen, G., Cruz, Jr, J.B., Blasch, E., Kruger, M.: RI game theoretic solutions to cyber attack and network defense problems. In: The Proceedings of the Twelfth International Command and Control Research and Technology Symposium (12th ICCRTS), Newport (2007)
Shen, D., Chen, G., Cruz, Jr, J.B., et al.: Game theoretic approach to threat intent prediction. In: Proceedings of the Command and Control Research and Technology Symposium CCRTS 2006. San Diego (2006)
Fallah, M.S.: A puzzle-based defense strategy against flooding attacks using game theory. IEEE Trans. Dependable Secure Comput. Arch. 7(1), 5–19 (2010)
Narasimhan, H., Varadarajan, V., Rangan, C.P.: Game theoretic resistance to denial of service attacks using hidden difficulty puzzles. Information Security, Practice and Experience, Lecture Notes in Computer Science, vol. 6047, pp. 359–376. Springer, Berlin (2010)
Smith, J.: Denial of service: prevention, modelling and detection. Ph.D. thesis, Queensland University of Technology, Brisbane, QLD 4001 Australia (2007)
Beghdad, R.: Critical study of supervised learning techniques in predicting attacks. Inf. Sec. J. Global Perspect. 19(1), 22–35 (2010)
Revathi, S., Malathi, A.: Detecting user-to-root (U2R) attacks based on various machine learning techniques. Int. J. Adv. Res. Comput. Commun. Eng. 3(4), 6322–6324 (2014)
Rajeswari, L.P., Kannan, A., Baskaran, R.: An escalated approach to ant colony clustering algorithm for intrusion detection system. Distributed Computing and Networking. Lecture Notes in Computer Science, vol. 4904, pp. 393–400. Springer, Berlin (2008)
Cormen, T.H., Leiserson, C.E., Rivest, R.L., Stein, C.: Introduction to Algorithms (2 ed.) MIT Press and McGraw-Hill, ISBN 0-262-03293-7. Section 29.3: The simplex algorithm, pp. 790–804 (2001)
© 2015 Springer International Publishing Switzerland
About this paper
Cite this paper
Kemiche, M., Beghdad, R. (2015). Towards Using Games Theory to Detect New U2R Attacks. In: Arai, K., Kapoor, S., Bhatia, R. (eds) Intelligent Systems in Science and Information 2014. SAI 2014. Studies in Computational Intelligence, vol 591. Springer, Cham. https://doi.org/10.1007/978-3-319-14654-6_22
DOI: https://doi.org/10.1007/978-3-319-14654-6_22
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-14653-9
Online ISBN: 978-3-319-14654-6
eBook Packages: Engineering, Engineering (R0)