Combinatorial optimization: algorithms and complexity
Combinatorial optimization: algorithms and complexity
Network flows: theory, algorithms, and applications
Network flows: theory, algorithms, and applications
Practical Unix and Internet security (2nd ed.)
Practical Unix and Internet security (2nd ed.)
Journal of the ACM (JACM)
Wireless sensor networks: a survey
Computer Networks: The International Journal of Computer and Telecommunications Networking
Intrusion Detection in Sensor Networks: A Non-Cooperative Game Approach
NCA '04 Proceedings of the Network Computing and Applications, Third IEEE International Symposium
Incentive-based modeling and inference of attacker intent, objectives, and strategies
ACM Transactions on Information and System Security (TISSEC)
AAAI'04 Proceedings of the 19th national conference on Artifical intelligence
Agent-based distributed intrusion alert system
IWDC'04 Proceedings of the 6th international conference on Distributed Computing
Cloaking games in location based services
Proceedings of the 2008 ACM workshop on Secure web services
A Secure Mechanism Design-Based and Game Theoretical Model for MANETs
Mobile Networks and Applications
Game-theoretic resource allocation for malicious packet detection in computer networks
Proceedings of the 11th International Conference on Autonomous Agents and Multiagent Systems - Volume 2
QoS2: a framework for integrating quality of security with quality of service
Security and Communication Networks
Hi-index | 0.24 |
In this paper, we study using game theory the problem of detecting intrusions in wired infrastructure networks. Detection is accomplished by sampling a subset of the transmitted packets over selected network links or router interfaces. Given a total sampling budget, our framework aims at developing a network packet sampling strategy to effectively reduce the success chances of an intruder. We consider two different scenarios: (1) A well informed intruder divides his attack over multiple packets in order to increase his chances of successfully intruding a target domain. (2) Different cooperating intruders distribute the attack among themselves each send their attack fragments to the target node. Each of the packets containing a fragment of the attack is transmitted through a different path using multi-path routing, where each path is selected with a different probability. Knowing that, if these packets are independently analyzed then the intrusion will not be detected, i.e., a series of packets form an intrusion. To the best of our knowledge, there has not been any work done for the case where the attack is split over multiple packets or distributed over cooperative intruders using game theory. Non-cooperative game theory is used to formally express the problem, where the two players are: (1) the smart intruder or the cooperative intruders (depends on which scenario we are solving) and (2) the Intrusion Detection System (IDS). Our game theoretic framework will guide the intruder or the intruders to know their attack strategy and the IDS to have an optimal sampling strategy in order to detect the malicious packets.