By Topic

NIS06-3: A Game Theoretic Approach to Detect Network Intrusions: The Cooperative Intruders Scenario

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$31 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

5 Author(s)
Mehrandish, M. ; Comput. Security Lab., Concordia Univ., Montreal, QC ; Otrok, H. ; Debbabi, M. ; Assi, C.
more authors

In this paper, we consider the problem of detecting intrusions initiated by cooperative malicious nodes in infrastructure-based networks. We achieve this objective by sampling a subset of the transmitted packets, between each intruder and the victim, over selected links or router interfaces. Here, the total sampling rate on all links must not exceed the sampling budget constraint. We build a game theoretic framework to model distributed network intrusions through multiple malicious nodes and a common victim node. To the best of our knowledge, there has not been any study for the case where the attack is distributed over cooperative intruders using game theory. Non-cooperative game theory is used to formally express the problem, where the two players are: (1) the intruders and (2) the intrusion detection system. Our game theoretic framework will guide the intruders to know their attack strategy and the IDS to have an optimal sampling strategy in order to detect these intrusion packets.

Published in:

Global Telecommunications Conference, 2006. GLOBECOM '06. IEEE

Date of Conference:

Nov. 27 2006-Dec. 1 2006