Advanced Persistent Threats Detection Game with Expert System for Cloud

Hu Qing; Lü Shichao; Shi Zhiqiang; Sun Limin; Xiao Liang

doi:10.7544/issn1000-1239.2017.20170433

Journal of Computer Research and Development > 2017 > 54(10): 2344-2355. > DOI: 10.7544/issn1000-1239.2017.20170433 CSTR: 32373.14.issn1000-1239.2017.20170433

Hu Qing, Lü Shichao, Shi Zhiqiang, Sun Limin, Xiao Liang. Advanced Persistent Threats Detection Game with Expert System for Cloud[J]. Journal of Computer Research and Development, 2017, 54(10): 2344-2355. DOI: 10.7544/issn1000-1239.2017.20170433

Citation:

PDF (4179 KB)

Advanced Persistent Threats Detection Game with Expert System for Cloud

¹(School of Cyber Security, University of Chinese Academy of Sciences, Beijing 100049)
²(Beijing Key Laboratory of IOT Information Security Technology (Institute of Information Engineering, Chinese Academy of Sciences), Beijing 100093)
³(Department of Communication Engineering, Xiamen University, Xiamen, Fujian 361005)

More Information

Published Date: September 30, 2017

Graphical Abstract

Abstract

Abstract

Cloud computing systems are under threaten of advanced persistent threats (APT). It is hard for an autonomous detector to discover APT attacks accurately. The expert system (ES)can help to reduce detection errors via double-checking suspicious behaviors. However, it takes an extended period of time for the ES to recheck, which may lead to a defense delay. Besides, the ES makes mistakes too. In this paper, we discuss the necessity of the ES to participate in APT detection and defense for a cloud computing system by game theory, based on the consideration of miss detection rates and false alarm rates of both the APT detector and the ES. The ES-based APT detection method is designed, and the ES-APT game between an APT attacker and a defender is formulated. We derive its Nash equilibrium and analyze how the ES enhances the security of the cloud computing system. Also, the dynamic game is studied, in case that the APT attack model is unknowable. We present a reinforcement learning scheme for the cloud computing system with ES to get the optimal strategy. Simulation results show that, with the knowledge of the ES, both the defenders utility and the cloud computing systems security are improved compared with benchmark schemes.
- advanced persistent threats (APT),
- cloud security,
- expert system (ES),
- game theory,
- reinforcement learning

FullText(HTML)

References (0)

[1]	Zhang Zhenyu, Jiang Yuan. Label Noise Robust Learning Algorithm in Environments Evolving Features[J]. Journal of Computer Research and Development, 2023, 60(8): 1740-1753. DOI: 10.7544/issn1000-1239.202330238
[2]	Liu Biao, Zhang Fangjiao, Wang Wenxin, Xie Kang, Zhang Jianyi. A Byzantine-Robust Federated Learning Algorithm Based on Matrix Mapping[J]. Journal of Computer Research and Development, 2021, 58(11): 2416-2429. DOI: 10.7544/issn1000-1239.2021.20210633
[3]	LiJin, YueKun, ZhangDehai, LiuWeiyi. Robust Influence Blocking Maximization in Social Networks[J]. Journal of Computer Research and Development, 2016, 53(3): 601-610. DOI: 10.7544/issn1000-1239.2016.20148341
[4]	Zhang Jing, Feng Lin. An Algorithm of Robust Online Extreme Learning Machine for Dynamic Imbalanced Datasets[J]. Journal of Computer Research and Development, 2015, 52(7): 1487-1498. DOI: 10.7544/issn1000-1239.2015.20140182
[5]	Qin Chuan, Chang Chin Chen, Guo Cheng. Perceptual Robust Image Hashing Scheme Based on Secret Sharing[J]. Journal of Computer Research and Development, 2012, 49(8): 1690-1698.
[6]	Fan Zhiqiang and Zhao Qinping. A Data-Clustering Based Robust SIFT Feature Matching Method[J]. Journal of Computer Research and Development, 2012, 49(5): 1123-1129.
[7]	Zhao Qiyang and Yin Baolin. On the Luminance Overflow in Spread Spectrum Robust Image Watermarking Schemes[J]. Journal of Computer Research and Development, 2009, 46(10): 1729-1736.
[8]	Wang Xiangyang, Hou Limin, Yang Hongying. A Robust Watermarking Scheme Based on Image Feature and PseudoZernike Moments[J]. Journal of Computer Research and Development, 2008, 45(5): 772-778.
[9]	Hu Yusuo and Chen Zonghai. A Novel Robust Estimation Algorithm Based on Linear EIV Model[J]. Journal of Computer Research and Development, 2006, 43(3): 483-488.
[10]	Liu Yi, Wang Yumin. A Robust Itinerary Protection Based on Mobile Agents[J]. Journal of Computer Research and Development, 2005, 42(12): 2106-2110.