Title :
NIS06-3: A Game Theoretic Approach to Detect Network Intrusions: The Cooperative Intruders Scenario
Author :
Mehrandish, M. ; Otrok, H. ; Debbabi, M. ; Assi, C. ; Bhattacharya, P.
Author_Institution :
Comput. Security Lab., Concordia Univ., Montreal, QC
fDate :
Nov. 27 2006-Dec. 1 2006
Abstract :
In this paper, we consider the problem of detecting intrusions initiated by cooperative malicious nodes in infrastructure-based networks. We achieve this objective by sampling a subset of the transmitted packets, between each intruder and the victim, over selected links or router interfaces. Here, the total sampling rate on all links must not exceed the sampling budget constraint. We build a game theoretic framework to model distributed network intrusions through multiple malicious nodes and a common victim node. To the best of our knowledge, there has not been any study for the case where the attack is distributed over cooperative intruders using game theory. Non-cooperative game theory is used to formally express the problem, where the two players are: (1) the intruders and (2) the intrusion detection system. Our game theoretic framework will guide the intruders to know their attack strategy and the IDS to have an optimal sampling strategy in order to detect these intrusion packets.
Keywords :
cooperative systems; game theory; security of data; telecommunication security; cooperative intruders scenario; cooperative malicious nodes; distributed network intrusions; game theory; infrastructure-based networks; intrusion detection system; Computer security; Constraint theory; Game theory; Information systems; Intrusion detection; Laboratories; Mathematical model; Proposals; Sampling methods; Systems engineering and theory;
Conference_Titel :
Global Telecommunications Conference, 2006. GLOBECOM '06. IEEE
Conference_Location :
San Francisco, CA
Print_ISBN :
1-4244-0356-1
Electronic_ISBN :
1930-529X
DOI :
10.1109/GLOCOM.2006.293
