
A Game Theoretic Framework for Multi-agent Deployment in Intrusion Detection Systems

Security Informatics

Part of the book series: Annals of Information Systems (AOIS, volume 9)

Abstract

Due to cost considerations, an intrusion detection system must trade off the user’s ease of access against its capability of detecting attacks. The proposed framework applies two game theoretic models for the economic deployment of intrusion detection agents. The first scheme models and analyzes the interaction between an attacker and an intrusion detection agent as a non-cooperative game, and the security risk value is then derived from the mixed strategy Nash equilibrium. The second scheme uses the security risk value to compute the Shapley value of each intrusion detection agent while considering the various threat levels. The efficient agent allocation therefore creates a minimum set of deployment costs. The experimental results show that with the proposed two-stage game theoretic model, the network administrator can quantitatively evaluate the security risk of each IDS agent and easily select the most critical and effective IDS agent deployment to meet the various threat levels to the network.



Author information


Correspondence to Yi-Ming Chen or Dachrahn Wu.


Copyright information

© 2010 Springer Science+Business Media, LLC

About this chapter

Cite this chapter

Chen, YM., Wu, D., Wu, CK. (2010). A Game Theoretic Framework for Multi-agent Deployment in Intrusion Detection Systems. In: Yang, C., Chau, M., Wang, JH., Chen, H. (eds) Security Informatics. Annals of Information Systems, vol 9. Springer, Boston, MA. https://doi.org/10.1007/978-1-4419-1325-8_7


  • DOI: https://doi.org/10.1007/978-1-4419-1325-8_7


  • Publisher Name: Springer, Boston, MA

  • Print ISBN: 978-1-4419-1324-1

  • Online ISBN: 978-1-4419-1325-8

  • eBook Packages: Computer Science, Computer Science (R0)
