A game theoretic approach to optimize the performance of Host-Based IDS

Shuai Liu, Da Yong Zhang, Xiao Chu, Hadi Otrok, Prabir Bhattacharya

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

5 Scopus citations

Abstract

A traditional Host-Based Intrusion Detection System (HIDS) has to continuously monitor thousands of objects on the host, regardless of whether or not there are any attacks and in what scenarios these attacks have occurred. This leads to a huge consumption of system resources. In this paper, we put forward an approach that dynamically adjusts the objects a HIDS monitors according to the expected attack scenario. To achieve this goal, we formulate a repeated non-cooperative game between an attacker and a HIDS. The solution leads the HIDS to find the optimal number of objects that should be monitored and the corresponding monitoring time. We study the case of a multiple-step attack to gain more insight into the solution of this game model. Therefore, our model considers the tradeoff between the detection accuracy and the resource consumption. Analysis and simulation results prove that our approach can effectively decrease the resource consumption of the HIDS while taking the detection accuracy into consideration.

Original language: British English
Title of host publication: Proceedings - 4th IEEE International Conference on Wireless and Mobile Computing, Networking and Communication, WiMob 2008
Pages: 448-453
Number of pages: 6
DOIs
State: Published - 2008
Event: 4th IEEE International Conference on Wireless and Mobile Computing, Networking and Communication, WiMob 2008 - Avignon, France
Duration: 12 Oct 2008 to 14 Oct 2008

Publication series

Name: Proceedings - 4th IEEE International Conference on Wireless and Mobile Computing, Networking and Communication, WiMob 2008

Conference

Conference: 4th IEEE International Conference on Wireless and Mobile Computing, Networking and Communication, WiMob 2008
Country/Territory: France
City: Avignon
Period: 12/10/08 to 14/10/08

Keywords

  • Host-based Intrusion Detection Systems (HIDS)
  • Resource consumption and game theory
