A Game Theoretic Approach to Decision and Analysis in Network Intrusion Detection

Tansu Alpcan, Tamer Başar

Research output: Contribution to journalConference articlepeer-review


We investigate the basic trade-offs, analysis and decision processes involved in information security and intrusion detection, as well as possible application of game theoretic concepts to develop a formal decision and control framework. A generic model of a distributed intrusion detection system (IDS) with a network of sensors is considered, and two schemes based on game theoretic techniques are proposed. The security warning system is simple and easy-to-implement, and it gives system administrators an intuitive overview of the security situation in the network. The security attack game, on the other hand, models and analyzes attacker and IDS behavior within a two-person, nonzero-sum, noncooperative game with dynamic information. Nash equilibrium solutions in closed form are obtained for specific subgames, and two illustrative examples are provided.

Original languageEnglish (US)
Pages (from-to)2595-2600
Number of pages6
JournalProceedings of the IEEE Conference on Decision and Control
StatePublished - 2003
Event42nd IEEE Conference on Decision and Control - Maui, HI, United States
Duration: Dec 9 2003Dec 12 2003

ASJC Scopus subject areas

  • Control and Systems Engineering
  • Modeling and Simulation
  • Control and Optimization


Dive into the research topics of 'A Game Theoretic Approach to Decision and Analysis in Network Intrusion Detection'. Together they form a unique fingerprint.

Cite this