GUIDEX

A game-theoretic incentive-based mechanism for intrusion detection networks

Quanyan Zhu, Carol Fung, Raouf Boutaba, Tamer Basar

Research output: Contribution to journalArticle

Abstract

Traditional intrusion detection systems (IDSs) work in isolation and can be easily compromised by unknown threats. An intrusion detection network (IDN) is a collaborative IDS network intended to overcome this weakness by allowing IDS peers to share detection knowledge and experience, and hence improve the overall accuracy of intrusion assessment. In this work, we design an IDN system, called GUIDEX, using game-theoretic modeling and trust management for peers to collaborate truthfully and actively. We first describe the system architecture and its individual components, and then establish a game-theoretic framework for the resource management component of GUIDEX. We establish the existence and uniqueness of a Nash equilibrium under which peers can communicate in a reciprocal incentive compatible manner. Based on the duality of the problem, we develop an iterative algorithm that converges geometrically to the equilibrium. Our numerical experiments and discrete event simulation demonstrate the convergence to the Nash equilibrium and the security features of GUIDEX against free riders, dishonest insiders and DoS attacks.

Original languageEnglish (US)
Article number6354280
Pages (from-to)2220-2230
Number of pages11
JournalIEEE Journal on Selected Areas in Communications
Volume30
Issue number11
DOIs
StatePublished - 2012

Fingerprint

Intrusion detection
Discrete event simulation
Experiments

Keywords

  • collaborative networks
  • game theory
  • incentive compatibility
  • Intrusion detection systems
  • network optimization
  • network security and economics

ASJC Scopus subject areas

  • Electrical and Electronic Engineering
  • Computer Networks and Communications

Cite this

GUIDEX : A game-theoretic incentive-based mechanism for intrusion detection networks. / Zhu, Quanyan; Fung, Carol; Boutaba, Raouf; Basar, Tamer.

In: IEEE Journal on Selected Areas in Communications, Vol. 30, No. 11, 6354280, 2012, p. 2220-2230.

Research output: Contribution to journalArticle

Zhu, Quanyan ; Fung, Carol ; Boutaba, Raouf ; Basar, Tamer. / GUIDEX : A game-theoretic incentive-based mechanism for intrusion detection networks. In: IEEE Journal on Selected Areas in Communications. 2012 ; Vol. 30, No. 11. pp. 2220-2230.
@article{9912e289bc104daeb98ca640325dd186,
title = "GUIDEX: A game-theoretic incentive-based mechanism for intrusion detection networks",
abstract = "Traditional intrusion detection systems (IDSs) work in isolation and can be easily compromised by unknown threats. An intrusion detection network (IDN) is a collaborative IDS network intended to overcome this weakness by allowing IDS peers to share detection knowledge and experience, and hence improve the overall accuracy of intrusion assessment. In this work, we design an IDN system, called GUIDEX, using game-theoretic modeling and trust management for peers to collaborate truthfully and actively. We first describe the system architecture and its individual components, and then establish a game-theoretic framework for the resource management component of GUIDEX. We establish the existence and uniqueness of a Nash equilibrium under which peers can communicate in a reciprocal incentive compatible manner. Based on the duality of the problem, we develop an iterative algorithm that converges geometrically to the equilibrium. Our numerical experiments and discrete event simulation demonstrate the convergence to the Nash equilibrium and the security features of GUIDEX against free riders, dishonest insiders and DoS attacks.",
keywords = "collaborative networks, game theory, incentive compatibility, Intrusion detection systems, network optimization, network security and economics",
author = "Quanyan Zhu and Carol Fung and Raouf Boutaba and Tamer Basar",
year = "2012",
doi = "10.1109/JSAC.2012.121214",
language = "English (US)",
volume = "30",
pages = "2220--2230",
journal = "IEEE Journal on Selected Areas in Communications",
issn = "0733-8716",
publisher = "Institute of Electrical and Electronics Engineers Inc.",
number = "11",

}

TY - JOUR

T1 - GUIDEX

T2 - A game-theoretic incentive-based mechanism for intrusion detection networks

AU - Zhu, Quanyan

AU - Fung, Carol

AU - Boutaba, Raouf

AU - Basar, Tamer

PY - 2012

Y1 - 2012

N2 - Traditional intrusion detection systems (IDSs) work in isolation and can be easily compromised by unknown threats. An intrusion detection network (IDN) is a collaborative IDS network intended to overcome this weakness by allowing IDS peers to share detection knowledge and experience, and hence improve the overall accuracy of intrusion assessment. In this work, we design an IDN system, called GUIDEX, using game-theoretic modeling and trust management for peers to collaborate truthfully and actively. We first describe the system architecture and its individual components, and then establish a game-theoretic framework for the resource management component of GUIDEX. We establish the existence and uniqueness of a Nash equilibrium under which peers can communicate in a reciprocal incentive compatible manner. Based on the duality of the problem, we develop an iterative algorithm that converges geometrically to the equilibrium. Our numerical experiments and discrete event simulation demonstrate the convergence to the Nash equilibrium and the security features of GUIDEX against free riders, dishonest insiders and DoS attacks.

AB - Traditional intrusion detection systems (IDSs) work in isolation and can be easily compromised by unknown threats. An intrusion detection network (IDN) is a collaborative IDS network intended to overcome this weakness by allowing IDS peers to share detection knowledge and experience, and hence improve the overall accuracy of intrusion assessment. In this work, we design an IDN system, called GUIDEX, using game-theoretic modeling and trust management for peers to collaborate truthfully and actively. We first describe the system architecture and its individual components, and then establish a game-theoretic framework for the resource management component of GUIDEX. We establish the existence and uniqueness of a Nash equilibrium under which peers can communicate in a reciprocal incentive compatible manner. Based on the duality of the problem, we develop an iterative algorithm that converges geometrically to the equilibrium. Our numerical experiments and discrete event simulation demonstrate the convergence to the Nash equilibrium and the security features of GUIDEX against free riders, dishonest insiders and DoS attacks.

KW - collaborative networks

KW - game theory

KW - incentive compatibility

KW - Intrusion detection systems

KW - network optimization

KW - network security and economics

UR - http://www.scopus.com/inward/record.url?scp=84870268417&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84870268417&partnerID=8YFLogxK

U2 - 10.1109/JSAC.2012.121214

DO - 10.1109/JSAC.2012.121214

M3 - Article

VL - 30

SP - 2220

EP - 2230

JO - IEEE Journal on Selected Areas in Communications

JF - IEEE Journal on Selected Areas in Communications

SN - 0733-8716

IS - 11

M1 - 6354280

ER -