Location via proxy:   [ UP ]  
[Report a bug]   [Manage cookies]                
Skip to main content
SpringerLink
Log in

A Game Theoretical Model for Optimal Distribution of Network Security Resources

  • Conference paper
  • First Online:
Decision and Game Theory for Security (GameSec 2017)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 10575))

Included in the following conference series:

Abstract

Enforcing security in a network always comes with a tradeoff regarding budget constraints, entailing unavoidable choices for the deployment of security equipment over the network. Therefore, finding the optimal distribution of security resources to protect the network is necessary. In this paper, we focus on Intrusion Detection Systems (IDSs), which are among the main components used to secure networks. However, configuring and deploying IDSs efficiently to optimize attack detection and mitigation remain a challenging task. In particular, in networks providing critical services, optimal IDS deployment depends on the type of interdependencies that exists between vulnerable network equipment. In this paper, we present a game theoretical analysis for optimizing intrusion detection in such networks. First, we present a set of theoretical preliminary results for resource constrained network security games. Then, we formulate the problem of intrusion detection as a resource constrained network security game where interdependencies between equipment vulnerabilities are taken into account. Finally, we validate our model numerically via a real world case study.

This research was initially supported by the MSSTB project, in collaboration with Airbus Defence & Space CyberSecurity and Cogisys, through the Program Investissement d’Avenir funded by the French public financial organization Caisse des Dépôts et des Consignations, and later by the Cyber CNI Chair of Institut Mines-Télécom held by Télécom Bretagne and supported by Airbus Defence and Space, Amossys, BNP Paribas, EDF, Orange, La Poste, Nokia, Société Générale, and the Regional Council of Brittany, and acknowledged by the Center of Excellence in Cybersecurity.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Similar content being viewed by others

References

  1. Manshaei, M.H., Zhu, Q., Alpcan, T., Basar, T., Hubaux, J.P.: Game theory meets network security and privacy. ACM Comput. Surv. 45(3), 25–39 (2013)

    Article  MATH  Google Scholar 

  2. Chen, L., Leneutre, J.: A game theoretical framework on intrusion detection in heterogeneous networks. IEEE Trans. Inf. Forensics Secur. 4(2), 165–178 (2009)

    Article  Google Scholar 

  3. Alpcan, T., Basar, T.: A game theoretic approach to decision and analysis in network intrusion detection. In: Proceedings of the 42nd IEEE Conference on Decision and Control (CDC), vol. 3 (2003)

    Google Scholar 

  4. Alpcan, T., Basar, T.: An intrusion detection game with limited observations. In: Proceedings of the 12th International Symposium on Dynamic Games and Applications (2006)

    Google Scholar 

  5. Nguyen, K., Alpcan, T., Basar, T.: Stochastic games for security in networks with interdependent nodes. In: Proceedings of the International Conference on Game Theory for Networks (GameNets) (2009)

    Google Scholar 

  6. Miura-Ko, R., Yolken, B., Bambos, N., Mitchell, J.: Security investment games of interdependent organizations. In: Proceedings of the 46th Annual Allerton Conference on Communication, Control, and Computing (2008)

    Google Scholar 

  7. Sallhammar, K., Helvik, B., Knapskog, S.: Incorporating attacker behavior in stochastic models of security. In: Proceedings of the 2005 International Conference on Security and Management (2005)

    Google Scholar 

  8. Kodialam, M., Lakshman, T.: Detecting network intrusions via sampling: a game theoretic approach. In: IEEE INFOCOM (2003)

    Google Scholar 

  9. Otrok, H., Mohammed, N., Wang, L., Debbabi, M., Bhattacharya, P.: A game-theoretic intrusion detection model for mobile ad hoc networks. Comput. Commun. 31(4), 708–721 (2008)

    Article  Google Scholar 

  10. Otrok, H., Mehrandish, M., Assi, C., Debbabi, M., Bhattacharya, P.: Game theoretic models for detecting network intrusions. Comput. Commun. 31(10), 1934–1944 (2008)

    Article  Google Scholar 

  11. Zheng, D., Yu, F., Boukerche, A.: Security and quality of service (qos) co-design using game theory in cooperative wireless ad hoc networks. In: Proceedings of the Second ACM International Symposium on Design and Analysis of Intelligent Vehicular Networks and Applications (2012)

    Google Scholar 

  12. Djebaili, B., Kiennert, C., Leneutre, J., Chen, L.: Data integrity and availability verification game in untrusted cloud storage. In: Proceedings of the 5th International Conference on Decision and Game Theory for Security (2014)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Télécom ParisTech, Université Paris-Saclay, 46 Rue Barrault, 75013, Paris, France

    Ziad Ismail & Jean Leneutre

  2. Télécom SudParis, 9 Rue Charles Fourier, 91011, Evry, France

    Christophe Kiennert

  3. University of Paris-Sud 11, 15 Rue Georges Clemenceau, 91400, Orsay, France

    Lin Chen

Authors
  1. Ziad Ismail
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Christophe Kiennert
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Jean Leneutre
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Lin Chen
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Ziad Ismail .

Editor information

Editors and Affiliations

  1. Universität Klagenfurt, Klagenfurt, Austria

    Stefan Rass

  2. Nanyang Technological University, Singapore, Singapore

    Bo An

  3. University of Texas at El Paso, El Paso, Texas, USA

    Christopher Kiekintveld

  4. Carnegie Mellon University, Pittsburgh, Pennsylvania, USA

    Fei Fang

  5. AIT Austrian Institute of Technology GmbH, Klagenfurt, Austria

    Stefan Schauer

Rights and permissions

Reprints and permissions

Copyright information

© 2017 Springer International Publishing AG

About this paper

Cite this paper

Ismail, Z., Kiennert, C., Leneutre, J., Chen, L. (2017). A Game Theoretical Model for Optimal Distribution of Network Security Resources. In: Rass, S., An, B., Kiekintveld, C., Fang, F., Schauer, S. (eds) Decision and Game Theory for Security. GameSec 2017. Lecture Notes in Computer Science(), vol 10575. Springer, Cham. https://doi.org/10.1007/978-3-319-68711-7_13

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-68711-7_13

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-68710-0

  • Online ISBN: 978-3-319-68711-7

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation