Journal article
A Learning-based approach to reactive security
A Barth, BIP Rubinstein, M Sundararajan, JC Mitchell, D Song, PL Bartlett
IEEE Transactions on Dependable and Secure Computing | Published : 2012
DOI: 10.1109/TDSC.2011.42
Abstract
Despite the conventional wisdom that proactive security is superior to reactive security, we show that reactive security can be competitive with proactive security as long as the reactive defender learns from past attacks instead of myopically overreacting to the last attack. Our game-theoretic model follows common practice in the security literature by making worst case assumptions about the attacker: we grant the attacker complete knowledge of the defender's strategy and do not require the attacker to act rationally. In this model, we bound the competitive ratio between a reactive defense algorithm (which is inspired by online learning theory) and the best fixed proactive defense. Addition..
View full abstractGrants
Awarded by US National Science Foundations (NSF) through the TRUST Science and Technology Center
Awarded by Division Of Computer and Network Systems; Direct For Computer & Info Scie & Enginr
Funding Acknowledgements
The authors would like to thank Elie Bursztein, Eu-Jin Goh, and Matt Finifter for their thoughtful comments and helpful feedback. We gratefully acknowledge the support of the US National Science Foundations (NSF) through the TRUST Science and Technology Center and grants DMS-0707060, CCF-0424422, 0311808, 0448452, and 0627511, and the support of the AFOSR through the MURI Program, and the support of the Siebel Scholars Foundation.