A game-theoretic approach to rule sharing mechanism in networked intrusion detection systems

Robustness, incentives and security

Quanyan Zhu, Carol Fung, Raouf Boutaba, Tamer Basar

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

Collaboration among IDSs allows users to benefit from the collective knowledge and information from their collaborators and achieve more accurate intrusion detection. However, most existing collaborative intrusion detection networks rely on the exchange of intrusion data which raises the privacy concern of participants. To overcome this problem, we propose a knowledge-based intrusion detection network, which provides a platform for IDS users to effectively share their customized detection knowledge in an IDS community. An automatic knowledge propagation mechanism is proposed based on a decentralized two-level optimization problem formulation, leading to a Nash equilibrium solution which is shown to be scalable, incentive compatible, fair, efficient and robust.

Original languageEnglish (US)
Title of host publication2011 50th IEEE Conference on Decision and Control and European Control Conference, CDC-ECC 2011
Pages243-248
Number of pages6
DOIs
StatePublished - 2011
Event2011 50th IEEE Conference on Decision and Control and European Control Conference, CDC-ECC 2011 - Orlando, FL, United States
Duration: Dec 12 2011Dec 15 2011

Other

Other2011 50th IEEE Conference on Decision and Control and European Control Conference, CDC-ECC 2011
CountryUnited States
CityOrlando, FL
Period12/12/1112/15/11

Fingerprint

Intrusion detection
Intrusion Detection
Incentives
Network Intrusion Detection
Sharing
Game
Robustness
Equilibrium Solution
Knowledge-based
Nash Equilibrium
Decentralized
Privacy
Propagation
Optimization Problem
Formulation
Knowledge

ASJC Scopus subject areas

  • Control and Systems Engineering
  • Modeling and Simulation
  • Control and Optimization

Cite this

Zhu, Q., Fung, C., Boutaba, R., & Basar, T. (2011). A game-theoretic approach to rule sharing mechanism in networked intrusion detection systems: Robustness, incentives and security. In 2011 50th IEEE Conference on Decision and Control and European Control Conference, CDC-ECC 2011 (pp. 243-248). [6161171] https://doi.org/10.1109/CDC.2011.6161171

A game-theoretic approach to rule sharing mechanism in networked intrusion detection systems : Robustness, incentives and security. / Zhu, Quanyan; Fung, Carol; Boutaba, Raouf; Basar, Tamer.

2011 50th IEEE Conference on Decision and Control and European Control Conference, CDC-ECC 2011. 2011. p. 243-248 6161171.

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Zhu, Q, Fung, C, Boutaba, R & Basar, T 2011, A game-theoretic approach to rule sharing mechanism in networked intrusion detection systems: Robustness, incentives and security. in 2011 50th IEEE Conference on Decision and Control and European Control Conference, CDC-ECC 2011., 6161171, pp. 243-248, 2011 50th IEEE Conference on Decision and Control and European Control Conference, CDC-ECC 2011, Orlando, FL, United States, 12/12/11. https://doi.org/10.1109/CDC.2011.6161171
Zhu Q, Fung C, Boutaba R, Basar T. A game-theoretic approach to rule sharing mechanism in networked intrusion detection systems: Robustness, incentives and security. In 2011 50th IEEE Conference on Decision and Control and European Control Conference, CDC-ECC 2011. 2011. p. 243-248. 6161171 https://doi.org/10.1109/CDC.2011.6161171
Zhu, Quanyan ; Fung, Carol ; Boutaba, Raouf ; Basar, Tamer. / A game-theoretic approach to rule sharing mechanism in networked intrusion detection systems : Robustness, incentives and security. 2011 50th IEEE Conference on Decision and Control and European Control Conference, CDC-ECC 2011. 2011. pp. 243-248
@inproceedings{081f7d4dc34d4009959d74c9fa140dc3,
title = "A game-theoretic approach to rule sharing mechanism in networked intrusion detection systems: Robustness, incentives and security",
abstract = "Collaboration among IDSs allows users to benefit from the collective knowledge and information from their collaborators and achieve more accurate intrusion detection. However, most existing collaborative intrusion detection networks rely on the exchange of intrusion data which raises the privacy concern of participants. To overcome this problem, we propose a knowledge-based intrusion detection network, which provides a platform for IDS users to effectively share their customized detection knowledge in an IDS community. An automatic knowledge propagation mechanism is proposed based on a decentralized two-level optimization problem formulation, leading to a Nash equilibrium solution which is shown to be scalable, incentive compatible, fair, efficient and robust.",
author = "Quanyan Zhu and Carol Fung and Raouf Boutaba and Tamer Basar",
year = "2011",
doi = "10.1109/CDC.2011.6161171",
language = "English (US)",
isbn = "9781612848006",
pages = "243--248",
booktitle = "2011 50th IEEE Conference on Decision and Control and European Control Conference, CDC-ECC 2011",

}

TY - GEN

T1 - A game-theoretic approach to rule sharing mechanism in networked intrusion detection systems

T2 - Robustness, incentives and security

AU - Zhu, Quanyan

AU - Fung, Carol

AU - Boutaba, Raouf

AU - Basar, Tamer

PY - 2011

Y1 - 2011

N2 - Collaboration among IDSs allows users to benefit from the collective knowledge and information from their collaborators and achieve more accurate intrusion detection. However, most existing collaborative intrusion detection networks rely on the exchange of intrusion data which raises the privacy concern of participants. To overcome this problem, we propose a knowledge-based intrusion detection network, which provides a platform for IDS users to effectively share their customized detection knowledge in an IDS community. An automatic knowledge propagation mechanism is proposed based on a decentralized two-level optimization problem formulation, leading to a Nash equilibrium solution which is shown to be scalable, incentive compatible, fair, efficient and robust.

AB - Collaboration among IDSs allows users to benefit from the collective knowledge and information from their collaborators and achieve more accurate intrusion detection. However, most existing collaborative intrusion detection networks rely on the exchange of intrusion data which raises the privacy concern of participants. To overcome this problem, we propose a knowledge-based intrusion detection network, which provides a platform for IDS users to effectively share their customized detection knowledge in an IDS community. An automatic knowledge propagation mechanism is proposed based on a decentralized two-level optimization problem formulation, leading to a Nash equilibrium solution which is shown to be scalable, incentive compatible, fair, efficient and robust.

UR - http://www.scopus.com/inward/record.url?scp=84860689718&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84860689718&partnerID=8YFLogxK

U2 - 10.1109/CDC.2011.6161171

DO - 10.1109/CDC.2011.6161171

M3 - Conference contribution

SN - 9781612848006

SP - 243

EP - 248

BT - 2011 50th IEEE Conference on Decision and Control and European Control Conference, CDC-ECC 2011

ER -