Game theoretic framework for reputation-based distributed intrusion detection

Amira Bradai; Hossam Afifi

doi:10.1109/SocialCom.2013.84

Game theoretic framework for reputation-based distributed intrusion detection

Amira Bradai
, Hossam Afifi

Institut Mines-Télécom

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

Abstract

Host-Based Intrusion Detection Systems (HIDS) have been widely used to detect malicious behaviors of nodes in heterogenous networks. Collaborative intrusion detection can be more secure with a framework using reputation aggregation as an incentive. The problem of incentives and efficiency are well known problems that can be addressed in such collaborative environment. In this paper, we propose to use game theory to improve detection and optimize intrusion detection systems used in collaboration. The main contribution of this paper is that the reputation of HIDS is evaluated before modeling the game between the HIDS and attackers. Our proposal has three phases: the first phase builds reputation evaluation between HIDS and estimates the reputation for each one. In the second phase, a proposed algorithm elects a leader using reputation value to make decisions. In the last phase, using game theory the leader decides to activate or not the HIDS for optimization reasons.

Original language	English
Title of host publication	Proceedings - SocialCom/PASSAT/BigData/EconCom/BioMedCom 2013
Pages	558-563
Number of pages	6
DOIs	https://doi.org/10.1109/SocialCom.2013.84
Publication status	Published - 1 Dec 2013
Externally published	Yes
Event	2013 ASE/IEEE Int. Conf. on Social Computing, SocialCom 2013, the 2013 ASE/IEEE Int. Conf. on Big Data, BigData 2013, the 2013 Int. Conf. on Economic Computing, EconCom 2013, the 2013 PASSAT 2013, and the 2013 ASE/IEEE Int. Conf. on BioMedCom 2013 - Washington, DC, United States Duration: 8 Sept 2013 → 14 Sept 2013

Publication series

Name	Proceedings - SocialCom/PASSAT/BigData/EconCom/BioMedCom 2013

Conference

Conference	2013 ASE/IEEE Int. Conf. on Social Computing, SocialCom 2013, the 2013 ASE/IEEE Int. Conf. on Big Data, BigData 2013, the 2013 Int. Conf. on Economic Computing, EconCom 2013, the 2013 PASSAT 2013, and the 2013 ASE/IEEE Int. Conf. on BioMedCom 2013
Country/Territory	United States
City	Washington, DC
Period	8/09/13 → 14/09/13

Keywords

False Alarms
Game theory
Intrusion detection
Resource consumption

Access to Document

10.1109/SocialCom.2013.84

Cite this

@inproceedings{92fbfd5add43431295c52744f638cd3e,

title = "Game theoretic framework for reputation-based distributed intrusion detection",

abstract = "Host-Based Intrusion Detection Systems (HIDS) have been widely used to detect malicious behaviors of nodes in heterogenous networks. Collaborative intrusion detection can be more secure with a framework using reputation aggregation as an incentive. The problem of incentives and efficiency are well known problems that can be addressed in such collaborative environment. In this paper, we propose to use game theory to improve detection and optimize intrusion detection systems used in collaboration. The main contribution of this paper is that the reputation of HIDS is evaluated before modeling the game between the HIDS and attackers. Our proposal has three phases: the first phase builds reputation evaluation between HIDS and estimates the reputation for each one. In the second phase, a proposed algorithm elects a leader using reputation value to make decisions. In the last phase, using game theory the leader decides to activate or not the HIDS for optimization reasons.",

keywords = "False Alarms, Game theory, Intrusion detection, Resource consumption",

author = "Amira Bradai and Hossam Afifi",

year = "2013",

month = dec,

day = "1",

doi = "10.1109/SocialCom.2013.84",

language = "English",

isbn = "9780769551371",

series = "Proceedings - SocialCom/PASSAT/BigData/EconCom/BioMedCom 2013",

pages = "558--563",

booktitle = "Proceedings - SocialCom/PASSAT/BigData/EconCom/BioMedCom 2013",

note = "2013 ASE/IEEE Int. Conf. on Social Computing, SocialCom 2013, the 2013 ASE/IEEE Int. Conf. on Big Data, BigData 2013, the 2013 Int. Conf. on Economic Computing, EconCom 2013, the 2013 PASSAT 2013, and the 2013 ASE/IEEE Int. Conf. on BioMedCom 2013 ; Conference date: 08-09-2013 Through 14-09-2013",

}

Bradai, A & Afifi, H 2013, Game theoretic framework for reputation-based distributed intrusion detection. in Proceedings - SocialCom/PASSAT/BigData/EconCom/BioMedCom 2013., 6693381, Proceedings - SocialCom/PASSAT/BigData/EconCom/BioMedCom 2013, pp. 558-563, 2013 ASE/IEEE Int. Conf. on Social Computing, SocialCom 2013, the 2013 ASE/IEEE Int. Conf. on Big Data, BigData 2013, the 2013 Int. Conf. on Economic Computing, EconCom 2013, the 2013 PASSAT 2013, and the 2013 ASE/IEEE Int. Conf. on BioMedCom 2013, Washington, DC, United States, 8/09/13. https://doi.org/10.1109/SocialCom.2013.84

TY - GEN

T1 - Game theoretic framework for reputation-based distributed intrusion detection

AU - Bradai, Amira

AU - Afifi, Hossam

PY - 2013/12/1

Y1 - 2013/12/1

N2 - Host-Based Intrusion Detection Systems (HIDS) have been widely used to detect malicious behaviors of nodes in heterogenous networks. Collaborative intrusion detection can be more secure with a framework using reputation aggregation as an incentive. The problem of incentives and efficiency are well known problems that can be addressed in such collaborative environment. In this paper, we propose to use game theory to improve detection and optimize intrusion detection systems used in collaboration. The main contribution of this paper is that the reputation of HIDS is evaluated before modeling the game between the HIDS and attackers. Our proposal has three phases: the first phase builds reputation evaluation between HIDS and estimates the reputation for each one. In the second phase, a proposed algorithm elects a leader using reputation value to make decisions. In the last phase, using game theory the leader decides to activate or not the HIDS for optimization reasons.

AB - Host-Based Intrusion Detection Systems (HIDS) have been widely used to detect malicious behaviors of nodes in heterogenous networks. Collaborative intrusion detection can be more secure with a framework using reputation aggregation as an incentive. The problem of incentives and efficiency are well known problems that can be addressed in such collaborative environment. In this paper, we propose to use game theory to improve detection and optimize intrusion detection systems used in collaboration. The main contribution of this paper is that the reputation of HIDS is evaluated before modeling the game between the HIDS and attackers. Our proposal has three phases: the first phase builds reputation evaluation between HIDS and estimates the reputation for each one. In the second phase, a proposed algorithm elects a leader using reputation value to make decisions. In the last phase, using game theory the leader decides to activate or not the HIDS for optimization reasons.

KW - False Alarms

KW - Game theory

KW - Intrusion detection

KW - Resource consumption

UR - https://www.scopus.com/pages/publications/84893625851

U2 - 10.1109/SocialCom.2013.84

DO - 10.1109/SocialCom.2013.84

M3 - Conference contribution

AN - SCOPUS:84893625851

SN - 9780769551371

T3 - Proceedings - SocialCom/PASSAT/BigData/EconCom/BioMedCom 2013

SP - 558

EP - 563

BT - Proceedings - SocialCom/PASSAT/BigData/EconCom/BioMedCom 2013

T2 - 2013 ASE/IEEE Int. Conf. on Social Computing, SocialCom 2013, the 2013 ASE/IEEE Int. Conf. on Big Data, BigData 2013, the 2013 Int. Conf. on Economic Computing, EconCom 2013, the 2013 PASSAT 2013, and the 2013 ASE/IEEE Int. Conf. on BioMedCom 2013

Y2 - 8 September 2013 through 14 September 2013

ER -

Game theoretic framework for reputation-based distributed intrusion detection

Abstract

Publication series

Conference

Keywords

Access to Document

Other files and links

Fingerprint

Cite this