Share Email Print

Proceedings Paper

A Markov game theoretic data fusion approach for cyber situational awareness
Author(s): Dan Shen; Genshe Chen; Jose B. Cruz Jr.; Leonard Haynes; Martin Kruger; Erik Blasch
Format Member Price Non-Member Price
PDF $17.00 $21.00

Paper Abstract

This paper proposes an innovative data-fusion/ data-mining game theoretic situation awareness and impact assessment approach for cyber network defense. Alerts generated by Intrusion Detection Sensors (IDSs) or Intrusion Prevention Sensors (IPSs) are fed into the data refinement (Level 0) and object assessment (L1) data fusion components. High-level situation/threat assessment (L2/L3) data fusion based on Markov game model and Hierarchical Entity Aggregation (HEA) are proposed to refine the primitive prediction generated by adaptive feature/pattern recognition and capture new unknown features. A Markov (Stochastic) game method is used to estimate the belief of each possible cyber attack pattern. Game theory captures the nature of cyber conflicts: determination of the attacking-force strategies is tightly coupled to determination of the defense-force strategies and vice versa. Also, Markov game theory deals with uncertainty and incompleteness of available information. A software tool is developed to demonstrate the performance of the high level information fusion for cyber network defense situation and a simulation example shows the enhanced understating of cyber-network defense.

Paper Details

Date Published: 9 April 2007
PDF: 12 pages
Proc. SPIE 6571, Multisensor, Multisource Information Fusion: Architectures, Algorithms, and Applications 2007, 65710F (9 April 2007); doi: 10.1117/12.720090
Show Author Affiliations
Dan Shen, Intelligent Automation, Inc. (United States)
Genshe Chen, Intelligent Automation, Inc. (United States)
Jose B. Cruz Jr., Ohio State Univ. (United States)
Leonard Haynes, Intelligent Automation, Inc. (United States)
Martin Kruger, Office of Naval Research (United States)
Erik Blasch, Air Force Research Lab. (United States)

Published in SPIE Proceedings Vol. 6571:
Multisensor, Multisource Information Fusion: Architectures, Algorithms, and Applications 2007
Belur V. Dasarathy, Editor(s)

© SPIE. Terms of Use
Back to Top