A Game Theoretical Model for Optimal Distribution of Network Security Resources

  • Ziad IsmailEmail author
  • Christophe Kiennert
  • Jean Leneutre
  • Lin Chen
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10575)


Enforcing security in a network always comes with a tradeoff regarding budget constraints, entailing unavoidable choices for the deployment of security equipment over the network. Therefore, finding the optimal distribution of security resources to protect the network is necessary. In this paper, we focus on Intrusion Detection Systems (IDSs), which are among the main components used to secure networks. However, configuring and deploying IDSs efficiently to optimize attack detection and mitigation remain a challenging task. In particular, in networks providing critical services, optimal IDS deployment depends on the type of interdependencies that exists between vulnerable network equipment. In this paper, we present a game theoretical analysis for optimizing intrusion detection in such networks. First, we present a set of theoretical preliminary results for resource constrained network security games. Then, we formulate the problem of intrusion detection as a resource constrained network security game where interdependencies between equipment vulnerabilities are taken into account. Finally, we validate our model numerically via a real world case study.


Intrusion detection Optimization Non-cooperative game theory 


  1. 1.
    Manshaei, M.H., Zhu, Q., Alpcan, T., Basar, T., Hubaux, J.P.: Game theory meets network security and privacy. ACM Comput. Surv. 45(3), 25–39 (2013)CrossRefzbMATHGoogle Scholar
  2. 2.
    Chen, L., Leneutre, J.: A game theoretical framework on intrusion detection in heterogeneous networks. IEEE Trans. Inf. Forensics Secur. 4(2), 165–178 (2009)CrossRefGoogle Scholar
  3. 3.
    Alpcan, T., Basar, T.: A game theoretic approach to decision and analysis in network intrusion detection. In: Proceedings of the 42nd IEEE Conference on Decision and Control (CDC), vol. 3 (2003)Google Scholar
  4. 4.
    Alpcan, T., Basar, T.: An intrusion detection game with limited observations. In: Proceedings of the 12th International Symposium on Dynamic Games and Applications (2006)Google Scholar
  5. 5.
    Nguyen, K., Alpcan, T., Basar, T.: Stochastic games for security in networks with interdependent nodes. In: Proceedings of the International Conference on Game Theory for Networks (GameNets) (2009)Google Scholar
  6. 6.
    Miura-Ko, R., Yolken, B., Bambos, N., Mitchell, J.: Security investment games of interdependent organizations. In: Proceedings of the 46th Annual Allerton Conference on Communication, Control, and Computing (2008)Google Scholar
  7. 7.
    Sallhammar, K., Helvik, B., Knapskog, S.: Incorporating attacker behavior in stochastic models of security. In: Proceedings of the 2005 International Conference on Security and Management (2005)Google Scholar
  8. 8.
    Kodialam, M., Lakshman, T.: Detecting network intrusions via sampling: a game theoretic approach. In: IEEE INFOCOM (2003)Google Scholar
  9. 9.
    Otrok, H., Mohammed, N., Wang, L., Debbabi, M., Bhattacharya, P.: A game-theoretic intrusion detection model for mobile ad hoc networks. Comput. Commun. 31(4), 708–721 (2008)CrossRefGoogle Scholar
  10. 10.
    Otrok, H., Mehrandish, M., Assi, C., Debbabi, M., Bhattacharya, P.: Game theoretic models for detecting network intrusions. Comput. Commun. 31(10), 1934–1944 (2008)CrossRefGoogle Scholar
  11. 11.
    Zheng, D., Yu, F., Boukerche, A.: Security and quality of service (qos) co-design using game theory in cooperative wireless ad hoc networks. In: Proceedings of the Second ACM International Symposium on Design and Analysis of Intelligent Vehicular Networks and Applications (2012)Google Scholar
  12. 12.
    Djebaili, B., Kiennert, C., Leneutre, J., Chen, L.: Data integrity and availability verification game in untrusted cloud storage. In: Proceedings of the 5th International Conference on Decision and Game Theory for Security (2014)Google Scholar

Copyright information

© Springer International Publishing AG 2017

Authors and Affiliations

  • Ziad Ismail
    • 1
    Email author
  • Christophe Kiennert
    • 2
  • Jean Leneutre
    • 1
  • Lin Chen
    • 3
  1. 1.Télécom ParisTech, Université Paris-SaclayParisFrance
  2. 2.Télécom SudParisEvryFrance
  3. 3.University of Paris-Sud 11OrsayFrance

Personalised recommendations