A game theoretic approach to decision and analysis in network intrusion detection

Author

Alpcan, Tansu ; Basar, Tamer

Author_Institution

Coordinated Sci. Lab., Illinois Univ., Urbana, IL, USA

Volume

3

fYear

2003

fDate

9-12 Dec. 2003

Firstpage

2595

Abstract

We investigate the basic trade-offs, analysis and decision processes involved in information security and intrusion detection, as well as possible application of game theoretic concepts to develop a formal decision and control framework. A generic model of a distributed intrusion detection system (IDS) with a network of sensors is considered, and two schemes based on game theoretic techniques are proposed. The security warning system is simple and easy-to-implement, and it gives system administrators an intuitive overview of the security situation in the network. The security attack game, on the other hand, models and analyzes attacker and IDS behavior within a two-person, nonzero-sum, noncooperative game with dynamic information. Nash equilibrium solutions in closed form are obtained for specific subgames, and two illustrative examples are provided.

Keywords

control engineering computing; distributed control; distributed sensors; game theory; security of data; Nash equilibrium solutions; Shapely values; decision processes; game theoretic approach; information security; network intrusion detection; security warning system; sensors; Communication system control; Communication system security; Computer networks; Control systems; Game theory; Information analysis; Information security; Intelligent networks; Intrusion detection; Protection;

fLanguage

English

Publisher

ieee

Conference_Titel

Decision and Control, 2003. Proceedings. 42nd IEEE Conference on

ISSN

0191-2216

Print_ISBN

0-7803-7924-1

Type

conf

DOI

10.1109/CDC.2003.1273013

Filename

1273013