DocumentCode :
3142414
Title :
A Game Theoretic Approach to Optimize the Performance of Host-Based IDS
Author :
Liu, Shuai ; Zhang, Da Yong ; Chu, Xiao ; Otrok, Hadi ; Bhattacharya, Prabir
Author_Institution :
Concordia Inst. for Inf. Syst. Eng. (CIISE), Concordia Univ., Montreal, QC
fYear :
2008
fDate :
12-14 Oct. 2008
Firstpage :
448
Lastpage :
453
Abstract :
A traditional host-based intrusion detection system (HIDS) has to continuously monitor thousands of objects on the host, regardless of whether there are any attacks and of the scenarios in which these attacks have occurred. This leads to a huge consumption of system resources. In this paper, we put forward an approach that dynamically adjusts the objects a HIDS monitors according to the expected attack scenario. To achieve this goal, we formulate a repeated non-cooperative game between an attacker and a HIDS. The solution leads the HIDS to find the optimal number of objects that should be monitored and the corresponding monitoring time. We study the case of a multiple-step attack to gain more insight into the solution of this game model. Our model thus considers the tradeoff between detection accuracy and resource consumption. Analysis and simulation results prove that our approach can effectively decrease the resource consumption of the HIDS while taking the detection accuracy into consideration.
Keywords :
game theory; security of data; HIDS; game theoretic approach; host-based intrusion detection system; multiple-step attack; resource consumption; Analytical models; Computer networks; Computerized monitoring; Game theory; Information systems; Intrusion detection; Mobile communication; Mobile computing; Probes; Systems engineering and theory; Game theory; Host-based Intrusion Detection Systems; resources consumption;
fLanguage :
English
Publisher :
IEEE
Conference_Titel :
Networking and Communications, 2008. WIMOB '08. IEEE International Conference on Wireless and Mobile Computing,
Conference_Location :
Avignon
Print_ISBN :
978-0-7695-3393-3
Electronic_ISBN :
978-0-7695-3393-3
Type :
conf
DOI :
10.1109/WiMob.2008.20
Filename :
4654280