Evasion-Aware Neyman-Pearson Detectors: A Game-Theoretic Approach

Yinan Hu, Quanyan Zhu

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

Network security relies heavily on the detection of adversarial behaviors. Traditional detection methods, such as anomaly detection and signature detection, are inadequate for detecting increasingly intelligent, deceptive, and stealthy attacks. They are designed to be capable of evading well-known detection strategies strategically. This work aims to develop an evasion-aware detection theory to counteract such adversaries. We focus on extending a fundamental class of Neyman-Pearson (NP) hypothesis testing techniques, which have been widely used for anomaly detection and intrusion detection problems in network security. We propose game-theoretic models to capture evasion-aware NP detectors. By analyzing both the equilibrium behaviors of the attacker and the NP detector, we characterize their performance using Equilibrium Receiver-Operational-Characteristic (EROC) curves. We show that the evasion-aware NP detectors outperform the passive ones in the way that the former can act strategically against the attacker's behavior and adaptively modify their decision rules based on the received messages. We use a case study of anomaly detection to corroborate the analytical results. This work creates a theoretical underpinning for building next-generation evasion-aware detection systems that can better cope with ever-developing cyber attacks.

Original languageEnglish (US)
Title of host publication2022 IEEE 61st Conference on Decision and Control, CDC 2022
PublisherInstitute of Electrical and Electronics Engineers Inc.
Pages6111-6117
Number of pages7
ISBN (Electronic)9781665467612
DOIs
StatePublished - 2022
Event61st IEEE Conference on Decision and Control, CDC 2022 - Cancun, Mexico
Duration: Dec 6 2022Dec 9 2022

Publication series

NameProceedings of the IEEE Conference on Decision and Control
Volume2022-December
ISSN (Print)0743-1546
ISSN (Electronic)2576-2370

Conference

Conference61st IEEE Conference on Decision and Control, CDC 2022
Country/TerritoryMexico
CityCancun
Period12/6/2212/9/22

ASJC Scopus subject areas

  • Control and Systems Engineering
  • Modeling and Simulation
  • Control and Optimization

Fingerprint

Dive into the research topics of 'Evasion-Aware Neyman-Pearson Detectors: A Game-Theoretic Approach'. Together they form a unique fingerprint.

Cite this