A game-theoretic intrusion detection model for mobile ad hoc networks

Hadi Otrok, Noman Mohammed, Lingyu Wang, Mourad Debbabi, Prabir Bhattacharya

Research output: Contribution to journalArticlepeer-review

63 Scopus citations

Abstract

In this paper, we address the problem of increasing the effectiveness of an intrusion detection system (IDS) for a cluster of nodes in ad hoc networks. To reduce the performance overhead of the IDS, a leader node is usually elected to handle the intrusion detection service on behalf of the whole cluster. However, most current solutions elect a leader randomly without considering the resource level of nodes. Such a solution will cause nodes with less remaining resources to die faster, reducing the overall lifetime of the cluster. It is also vulnerable to selfish nodes who do not provide services to others while at the same time benefiting from such services. Our experiments show that the presence of selfish nodes can significantly reduce the effectiveness of an IDS because less packets are inspected over time. To increase the effectiveness of an IDS in MANET, we propose a unified framework that is able to: (1) Balance the resource consumption among all the nodes and thus increase the overall lifetime of a cluster by electing truthfully and efficiently the most cost-efficient node known as leader-IDS. A mechanism is designed using Vickrey, Clarke, and Groves (VCG) to achieve the desired goal. (2) Catch and punish a misbehaving leader through checkers that monitor the behavior of the leader. A cooperative game-theoretic model is proposed to analyze the interaction among checkers to reduce the false-positive rate. A multi-stage catch mechanism is also introduced to reduce the performance overhead of checkers. (3) Maximize the probability of detection for an elected leader to effectively execute the detection service. This is achieved by formulating a zero-sum non-cooperative game between the leader and intruder. We solve the game by finding the Bayesian Nash Equilibrium where the leader's optimal detection strategy is determined. Finally, empirical results are provided to support our solutions.

Original languageBritish English
Pages (from-to)708-721
Number of pages14
JournalComputer Communications
Volume31
Issue number4
DOIs
StatePublished - 5 Mar 2008

Keywords

  • Cooperative and non-cooperative game theory
  • Intrusion detection system
  • MANET security
  • Mechanism design

Fingerprint

Dive into the research topics of 'A game-theoretic intrusion detection model for mobile ad hoc networks'. Together they form a unique fingerprint.

Cite this