Network security configurations: A nonzero-sum stochastic game approach

Quanyan Zhu, Hamidou Tembine, Tamer Başar

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

In this paper, we study a network security configuration problem. More specifically, we consider distributed intrusion detection systems in a network subject to possible simultaneous attacks launched by a number of attackers. We formulate an N + M-person nonzero-sum stochastic game to capture the interactions among detection systems in the network as well as their interactions against exogenous intruders. We show the existence of stationary Nash equilibrium of the game and a value iteration method to attain an ε-Nash equilibrium. Mimicking the concept of Shannon's capacity in information theory, we propose the notion of security capacity as the largest achievable payoff to an agent at an equilibrium to yield performance limits on the network security. Furthermore, we discuss a mathematical programming approach to characterize the equilibrium as well as the feasibility of a given security target.

Original languageEnglish (US)
Title of host publicationProceedings of the 2010 American Control Conference, ACC 2010
Pages1059-1064
Number of pages6
StatePublished - 2010
Event2010 American Control Conference, ACC 2010 - Baltimore, MD, United States
Duration: Jun 30 2010Jul 2 2010

Publication series

NameProceedings of the 2010 American Control Conference, ACC 2010

Other

Other2010 American Control Conference, ACC 2010
Country/TerritoryUnited States
CityBaltimore, MD
Period6/30/107/2/10

ASJC Scopus subject areas

  • Control and Systems Engineering

Fingerprint

Dive into the research topics of 'Network security configurations: A nonzero-sum stochastic game approach'. Together they form a unique fingerprint.

Cite this