TY - JOUR
T1 - GUIDEX
T2 - A game-theoretic incentive-based mechanism for intrusion detection networks
AU - Zhu, Quanyan
AU - Fung, Carol
AU - Boutaba, Raouf
AU - Basar, Tamer
N1 - Funding Information:
Manuscript received 15 December 2011; revised 1 June 2012. Research of the first and fourth authors was supported in part by Boeing Company and NSA through the Information Trust Institute of the University of Illinois. The work of the second and third authors was supported in part by the Natural Science and Engineering Council of Canada (NSERC) under its Discovery Program and by the World Class University (WCU) Program under the Korea Science and Engineering Foundation funded by the Ministry of Education, Science and Technology (Project No. R31-2008-000-10100-0).
PY - 2012
Y1 - 2012
N2 - Traditional intrusion detection systems (IDSs) work in isolation and can be easily compromised by unknown threats. An intrusion detection network (IDN) is a collaborative IDS network intended to overcome this weakness by allowing IDS peers to share detection knowledge and experience, and hence improve the overall accuracy of intrusion assessment. In this work, we design an IDN system, called GUIDEX, using game-theoretic modeling and trust management for peers to collaborate truthfully and actively. We first describe the system architecture and its individual components, and then establish a game-theoretic framework for the resource management component of GUIDEX. We establish the existence and uniqueness of a Nash equilibrium under which peers can communicate in a reciprocal incentive compatible manner. Based on the duality of the problem, we develop an iterative algorithm that converges geometrically to the equilibrium. Our numerical experiments and discrete event simulation demonstrate the convergence to the Nash equilibrium and the security features of GUIDEX against free riders, dishonest insiders and DoS attacks.
AB - Traditional intrusion detection systems (IDSs) work in isolation and can be easily compromised by unknown threats. An intrusion detection network (IDN) is a collaborative IDS network intended to overcome this weakness by allowing IDS peers to share detection knowledge and experience, and hence improve the overall accuracy of intrusion assessment. In this work, we design an IDN system, called GUIDEX, using game-theoretic modeling and trust management for peers to collaborate truthfully and actively. We first describe the system architecture and its individual components, and then establish a game-theoretic framework for the resource management component of GUIDEX. We establish the existence and uniqueness of a Nash equilibrium under which peers can communicate in a reciprocal incentive compatible manner. Based on the duality of the problem, we develop an iterative algorithm that converges geometrically to the equilibrium. Our numerical experiments and discrete event simulation demonstrate the convergence to the Nash equilibrium and the security features of GUIDEX against free riders, dishonest insiders and DoS attacks.
KW - Intrusion detection systems
KW - collaborative networks
KW - game theory
KW - incentive compatibility
KW - network optimization
KW - network security and economics
UR - http://www.scopus.com/inward/record.url?scp=84870268417&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=84870268417&partnerID=8YFLogxK
U2 - 10.1109/JSAC.2012.121214
DO - 10.1109/JSAC.2012.121214
M3 - Article
AN - SCOPUS:84870268417
SN - 0733-8716
VL - 30
SP - 2220
EP - 2230
JO - IEEE Journal on Selected Areas in Communications
JF - IEEE Journal on Selected Areas in Communications
IS - 11
M1 - 6354280
ER -