A game-theoretic approach to rule sharing mechanism in networked intrusion detection systems: Robustness, incentives and security

Quanyan Zhu, Carol Fung, Raouf Boutaba, Tamer Basar

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

Collaboration among IDSs allows users to benefit from the collective knowledge and information from their collaborators and achieve more accurate intrusion detection. However, most existing collaborative intrusion detection networks rely on the exchange of intrusion data which raises the privacy concern of participants. To overcome this problem, we propose a knowledge-based intrusion detection network, which provides a platform for IDS users to effectively share their customized detection knowledge in an IDS community. An automatic knowledge propagation mechanism is proposed based on a decentralized two-level optimization problem formulation, leading to a Nash equilibrium solution which is shown to be scalable, incentive compatible, fair, efficient and robust.

Original languageEnglish (US)
Title of host publication2011 50th IEEE Conference on Decision and Control and European Control Conference, CDC-ECC 2011
PublisherInstitute of Electrical and Electronics Engineers Inc.
Pages243-248
Number of pages6
ISBN (Print)9781612848006
DOIs
StatePublished - 2011
Event2011 50th IEEE Conference on Decision and Control and European Control Conference, CDC-ECC 2011 - Orlando, FL, United States
Duration: Dec 12 2011Dec 15 2011

Publication series

NameProceedings of the IEEE Conference on Decision and Control
ISSN (Print)0743-1546
ISSN (Electronic)2576-2370

Other

Other2011 50th IEEE Conference on Decision and Control and European Control Conference, CDC-ECC 2011
Country/TerritoryUnited States
CityOrlando, FL
Period12/12/1112/15/11

ASJC Scopus subject areas

  • Control and Systems Engineering
  • Modeling and Simulation
  • Control and Optimization

Fingerprint

Dive into the research topics of 'A game-theoretic approach to rule sharing mechanism in networked intrusion detection systems: Robustness, incentives and security'. Together they form a unique fingerprint.

Cite this