TY - GEN
T1 - A cooperative approach for analyzing intrusions in mobile ad hoc networks
AU - Otrok, Hadi
AU - Debbabi, Mourad
AU - Assi, Chadi
AU - Bhattacharya, Prabir
PY - 2007
Y1 - 2007
N2 - In this paper, we consider the problem of reducing the number of false positives generated by cooperative Intrusion Detection Systems (IDSs) in Mobile Ad hoc Networks (MANETs). We define a flexible scheme using security classes, where an IDS is able to operate in different modes at each security class. This scheme helps in minimizing false alarms and informing the prevention system accurately about the severity of an intrusion. Shapley value is used to formally express the cooperation among all the nodes. To the best of our knowledge, there has not been any study for the case where the intrusions in MANETs are analyzed, in order to decrease false positives, using cooperative game theory. Our game theoretic model assists in analyzing the contribution of each mobile node on each security class in order to decrease false positives taking into consideration the reputation of nodes. Simulation results are given to validate the efficiency of our model in detecting intrusions and reducing false positives.
UR - http://www.scopus.com/inward/record.url?scp=35948980415&partnerID=8YFLogxK
U2 - 10.1109/ICDCSW.2007.91
DO - 10.1109/ICDCSW.2007.91
M3 - Conference contribution
AN - SCOPUS:35948980415
SN - 0769528384
SN - 9780769528380
T3 - Proceedings - International Conference on Distributed Computing Systems
BT - 27th International Conference on Distributed Computing Systems Workshops, ICDCSW'07
T2 - 27th International Conference on Distributed Computing Systems Workshops, ICDCSW'07
Y2 - 22 June 2007 through 29 June 2007
ER -