A Game Theoretic Approach for Deploying Intrusion Detection Agent
The proposed framework applies two game theoretic models for economic deployment of intrusion detection system (IDS). The first scheme models and analyzes the interaction behaviors of between an attacker and intrusion detection agent within a non-cooperative game, and then the security risk value is derived from the mixed strategy Nash equilibrium. The second scheme uses the security risk value to compute the Shapley value of intrusion detection agent under the various threat levels. Therefore, the fair agent allocation creates a minimum set of IDS deployment costs. Numerical examples show that the network administrator can quantitatively evaluate the security risk of each intrusion detection agent and easily select the most effective IDS agent deployment to meet the various threat levels.
KeywordsAgent deployment Nash equilibrium Shapley value threat levels
Unable to display preview. Download preview PDF.
- 1.Alpcan, T., Basar, T.: A Game Theoretic Approach to Decision and Analysis in Network Intrusion Detection. In: IEEE Conference on Decision and Control, pp. 2595–2600 (2003)Google Scholar
- 2.Dixit, A., Skeath, S.: Games of Strategy. W. W. Norton & Company (2001)Google Scholar
- 3.Keromytis, A.D., Vishal, M., Rubenstein, D.: SOS: An Architecture for Mitigating DDoS Attacks. IEEE Communications 22, 176–188 (2004)Google Scholar
- 4.McKelvey, R.D., McLennan, A.M., Turocy, T.L.: Gambit: Software Tools for Game Theory (2007), http://econweb.tamu.edu/gambit
- 5.Mishra, D., Rangarajan, B.: Cost Sharing in a Job Scheduling Problem Using the Shapley Value. In: Proceedings of the 6th ACM conference on Electronic commerce, pp. 232–239 (2005)Google Scholar
- 8.Schechter, S.E.: Computer Security Strength and Risk: a Quantitative Approach. PhD Thesis, Harvard Univ. (2004)Google Scholar