TY - GEN
T1 - A game-theoretic approach to rule sharing mechanism in networked intrusion detection systems
T2 - 2011 50th IEEE Conference on Decision and Control and European Control Conference, CDC-ECC 2011
AU - Zhu, Quanyan
AU - Fung, Carol
AU - Boutaba, Raouf
AU - Basar, Tamer
PY - 2011
Y1 - 2011
N2 - Collaboration among IDSs allows users to benefit from the collective knowledge and information from their collaborators and achieve more accurate intrusion detection. However, most existing collaborative intrusion detection networks rely on the exchange of intrusion data which raises the privacy concern of participants. To overcome this problem, we propose a knowledge-based intrusion detection network, which provides a platform for IDS users to effectively share their customized detection knowledge in an IDS community. An automatic knowledge propagation mechanism is proposed based on a decentralized two-level optimization problem formulation, leading to a Nash equilibrium solution which is shown to be scalable, incentive compatible, fair, efficient and robust.
AB - Collaboration among IDSs allows users to benefit from the collective knowledge and information from their collaborators and achieve more accurate intrusion detection. However, most existing collaborative intrusion detection networks rely on the exchange of intrusion data which raises the privacy concern of participants. To overcome this problem, we propose a knowledge-based intrusion detection network, which provides a platform for IDS users to effectively share their customized detection knowledge in an IDS community. An automatic knowledge propagation mechanism is proposed based on a decentralized two-level optimization problem formulation, leading to a Nash equilibrium solution which is shown to be scalable, incentive compatible, fair, efficient and robust.
UR - http://www.scopus.com/inward/record.url?scp=84860689718&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=84860689718&partnerID=8YFLogxK
U2 - 10.1109/CDC.2011.6161171
DO - 10.1109/CDC.2011.6161171
M3 - Conference contribution
AN - SCOPUS:84860689718
SN - 9781612848006
T3 - Proceedings of the IEEE Conference on Decision and Control
SP - 243
EP - 248
BT - 2011 50th IEEE Conference on Decision and Control and European Control Conference, CDC-ECC 2011
PB - Institute of Electrical and Electronics Engineers Inc.
Y2 - 12 December 2011 through 15 December 2011
ER -