A Markov game theoretic data fusion approach for cyber situational awareness

Dan Shen, Genshe Chen, Jose B. Cruz, Jr., Leonard Haynes, Martin Kruger, Erik Blasch, Belur V. Dasarathy
<span title="2007-04-09">2007</span> <i title="SPIE"> Multisensor, Multisource Information Fusion: Architectures, Algorithms, and Applications 2007 </i> &nbsp;
This paper proposes an innovative data-fusion/ data-mining game theoretic situation awareness and impact assessment approach for cyber network defense. Alerts generated by Intrusion Detection Sensors (IDSs) or Intrusion Prevention Sensors (IPSs) are fed into the data refinement (Level 0) and object assessment (L1) data fusion components. High-level situation/threat assessment (L2/L3) data fusion based on Markov game model and Hierarchical Entity Aggregation (HEA) are proposed to refine the
more &raquo; ... tive prediction generated by adaptive feature/pattern recognition and capture new unknown features. A Markov (Stochastic) game method is used to estimate the belief of each possible cyber attack pattern. Game theory captures the nature of cyber conflicts: determination of the attacking-force strategies is tightly coupled to determination of the defense-force strategies and vice versa. Also, Markov game theory deals with uncertainty and incompleteness of available information. A software tool is developed to demonstrate the performance of the high level information fusion for cyber network defense situation and a simulation example shows the enhanced understating of cyber-network defense.
<span class="external-identifiers"> <a target="_blank" rel="external noopener noreferrer" href="https://doi.org/10.1117/12.720090">doi:10.1117/12.720090</a> <a target="_blank" rel="external noopener" href="https://fatcat.wiki/release/hr3peq5hozgg7gg3nphllt3vn4">fatcat:hr3peq5hozgg7gg3nphllt3vn4</a> </span>
<a target="_blank" rel="noopener" href="https://web.archive.org/web/20090625175221/http://www.ece.osu.edu/~cruz/Papers/C135-1123146A-62B3-D9B8-9C38E63A54054203-1.pdf" title="fulltext PDF download" data-goatcounter-click="serp-fulltext" data-goatcounter-title="serp-fulltext"> <button class="ui simple right pointing dropdown compact black labeled icon button serp-button"> <i class="icon ia-icon"></i> Web Archive [PDF] <div class="menu fulltext-thumbnail"> <img src="https://blobs.fatcat.wiki/thumbnail/pdf/f1/4e/f14e73aeaa74bc3c70b2c8fb883485357ec9830e.180px.jpg" alt="fulltext thumbnail" loading="lazy"> </div> </button> </a> <a target="_blank" rel="external noopener noreferrer" href="https://doi.org/10.1117/12.720090"> <button class="ui left aligned compact blue labeled icon button serp-button"> <i class="external alternate icon"></i> Publisher / doi.org </button> </a>