A Game Theoretic Approach to Decision and Analysis in Network Intrusion Detection

Tansu Alpcan, M Tamer Basar

Research output: Contribution to journal › Conference article

Abstract

We investigate the basic trade-offs, analysis and decision processes involved in information security and intrusion detection, as well as possible application of game theoretic concepts to develop a formal decision and control framework. A generic model of a distributed intrusion detection system (IDS) with a network of sensors is considered, and two schemes based on game theoretic techniques are proposed. The security warning system is simple and easy-to-implement, and it gives system administrators an intuitive overview of the security situation in the network. The security attack game, on the other hand, models and analyzes attacker and IDS behavior within a two-person, nonzero-sum, noncooperative game with dynamic information. Nash equilibrium solutions in closed form are obtained for specific subgames, and two illustrative examples are provided.

Original language: English (US)
Pages (from-to): 2595-2600
Number of pages: 6
Journal: Proceedings of the IEEE Conference on Decision and Control
Volume: 3
State: Published - Dec 1 2003
Event: 42nd IEEE Conference on Decision and Control - Maui, HI, United States
Duration: Dec 9 2003 to Dec 12 2003

Fingerprint

Network Intrusion Detection
Intrusion detection
Intrusion Detection
Game
Alarm systems
Security of data
Non-cooperative Game
Information Security
Equilibrium Solution
Nash Equilibrium
Intuitive
Person
Closed-form
Trade-offs
Sensors
Attack
Sensor
Model

ASJC Scopus subject areas

  • Control and Systems Engineering
  • Modeling and Simulation
  • Control and Optimization

Cite this

A Game Theoretic Approach to Decision and Analysis in Network Intrusion Detection. / Alpcan, Tansu; Basar, M Tamer.

In: Proceedings of the IEEE Conference on Decision and Control, Vol. 3, 01.12.2003, p. 2595-2600.


@article{85bd2a46c6bb4f1ba37fda03ad314049,
title = "A Game Theoretic Approach to Decision and Analysis in Network Intrusion Detection",
author = "Tansu Alpcan and Basar, {M Tamer}",
year = "2003",
month = "12",
day = "1",
language = "English (US)",
volume = "3",
pages = "2595--2600",
journal = "Proceedings of the IEEE Conference on Decision and Control",
issn = "0191-2216",
publisher = "Institute of Electrical and Electronics Engineers Inc.",

}

TY - JOUR

T1 - A Game Theoretic Approach to Decision and Analysis in Network Intrusion Detection

AU - Alpcan, Tansu

AU - Basar, M Tamer

PY - 2003/12/1

Y1 - 2003/12/1

UR - http://www.scopus.com/inward/record.url?scp=1542288809&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=1542288809&partnerID=8YFLogxK

M3 - Conference article

AN - SCOPUS:1542288809

VL - 3

SP - 2595

EP - 2600

JO - Proceedings of the IEEE Conference on Decision and Control

JF - Proceedings of the IEEE Conference on Decision and Control

SN - 0191-2216

ER -