A Moderate to Robust Game Theoretical Model for Intrusion Detection in MANETs

One popular solution for reducing the resource consumption of intrusion detection system (IDS) in MANET is to elect a head-cluster (leader) to provide intrusion detection service to other nodes in the same cluster. However, such a moderate mode is only suitable when the probability of attack is low. Once the probability of attack is high, victim nodes should launch their own IDSs to detect and thwart intrusions. Such a robust mode is, however, costly with respect to energy and leads nodes to die faster. Clearly, to reduce the resource consumption of IDSs and yet keep its effectiveness, a critical issue is: when should we shift from moderate to robust mode? In this paper, we formalize this issue as a nonzero-sum noncooperative game theoretical model that takes into consideration the tradeoff between security and IDS resource consumption. The game solution will guide the leader-IDS to find the right moment for notifying the victim node to launch its IDS once the security risk is high enough. To achieve this goal, the Bayesian game theory is used to analyze the interaction between the leader-IDS and intruder with incomplete information about the intruder. By solving such a game, we are able to find the threshold value for notifying the victim node to launch its IDS once the probability of attack exceeds that value. Simulation results show that our scheme can effectively reduce the IDS resource consumption without sacrificing security.