### Abstract

In this paper, we study a network security configuration problem. More specifically, we consider distributed intrusion detection systems in a network subject to possible simultaneous attacks launched by a number of attackers. We formulate an N + M-person nonzero-sum stochastic game to capture the interactions among detection systems in the network as well as their interactions against exogenous intruders. We show the existence of stationary Nash equilibrium of the game and a value iteration method to attain an ε-Nash equilibrium. Mimicking the concept of Shannon's capacity in information theory, we propose the notion of security capacity as the largest achievable payoff to an agent at an equilibrium to yield performance limits on the network security. Furthermore, we discuss a mathematical programming approach to characterize the equilibrium as well as the feasibility of a given security target.

Original language | English (US) |
---|---|

Title of host publication | Proceedings of the 2010 American Control Conference, ACC 2010 |

Pages | 1059-1064 |

Number of pages | 6 |

State | Published - 2010 |

Event | 2010 American Control Conference, ACC 2010 - Baltimore, MD, United States Duration: Jun 30 2010 → Jul 2 2010 |

### Other

Other | 2010 American Control Conference, ACC 2010 |
---|---|

Country | United States |

City | Baltimore, MD |

Period | 6/30/10 → 7/2/10 |

### Fingerprint

### ASJC Scopus subject areas

- Control and Systems Engineering

### Cite this

*Proceedings of the 2010 American Control Conference, ACC 2010*(pp. 1059-1064). [5530765]

**Network security configurations : A nonzero-sum stochastic game approach.** / Zhu, Quanyan; Hamidou, Tembine; Başar, Tamer.

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

*Proceedings of the 2010 American Control Conference, ACC 2010.*, 5530765, pp. 1059-1064, 2010 American Control Conference, ACC 2010, Baltimore, MD, United States, 6/30/10.

}

TY - GEN

T1 - Network security configurations

T2 - A nonzero-sum stochastic game approach

AU - Zhu, Quanyan

AU - Hamidou, Tembine

AU - Başar, Tamer

PY - 2010

Y1 - 2010

N2 - In this paper, we study a network security configuration problem. More specifically, we consider distributed intrusion detection systems in a network subject to possible simultaneous attacks launched by a number of attackers. We formulate an N + M-person nonzero-sum stochastic game to capture the interactions among detection systems in the network as well as their interactions against exogenous intruders. We show the existence of stationary Nash equilibrium of the game and a value iteration method to attain an ε-Nash equilibrium. Mimicking the concept of Shannon's capacity in information theory, we propose the notion of security capacity as the largest achievable payoff to an agent at an equilibrium to yield performance limits on the network security. Furthermore, we discuss a mathematical programming approach to characterize the equilibrium as well as the feasibility of a given security target.

AB - In this paper, we study a network security configuration problem. More specifically, we consider distributed intrusion detection systems in a network subject to possible simultaneous attacks launched by a number of attackers. We formulate an N + M-person nonzero-sum stochastic game to capture the interactions among detection systems in the network as well as their interactions against exogenous intruders. We show the existence of stationary Nash equilibrium of the game and a value iteration method to attain an ε-Nash equilibrium. Mimicking the concept of Shannon's capacity in information theory, we propose the notion of security capacity as the largest achievable payoff to an agent at an equilibrium to yield performance limits on the network security. Furthermore, we discuss a mathematical programming approach to characterize the equilibrium as well as the feasibility of a given security target.

UR - http://www.scopus.com/inward/record.url?scp=77957824022&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=77957824022&partnerID=8YFLogxK

M3 - Conference contribution

SN - 9781424474264

SP - 1059

EP - 1064

BT - Proceedings of the 2010 American Control Conference, ACC 2010

ER -