A Bayesian game approach for intrusion detection in wireless ad hoc networks

In wireless ad hoc networks, although defense strategies such as intrusion detection systems (IDSs) can be deployed at each mobile node, significant constraints are imposed in terms of the energy expenditure of such systems. In this paper, we propose a game theoretic framework to analyze the interactions between pairs of attacking/defending nodes using a Bayesian formulation. We study the achievable Nash equilibrium for the attacker/defender game in both static and dynamic scenarios. The dynamic Bayesian game is a more realistic model, since it allows the defender to consistently update his belief on his opponent's maliciousness as the game evolves. A new Bayesian hybrid detection approach is suggested for the defender, in which a lightweight monitoring system is used to estimate his opponent's actions, and a heavyweight monitoring system acts as a last resort of defense. We show that the dynamic game produces energy-efficient monitoring strategies for the defender, while improving the overall hybrid detection power.

[1]  O. Kachirski,et al.  Intrusion detection using mobile agents in wireless ad hoc networks , 2002, Proceedings. IEEE Workshop on Knowledge Media Networking.

[2]  John R. Douceur,et al.  The Sybil Attack , 2002, IPTPS.

[3]  Petteri Nurmi,et al.  Modelling routing in wireless ad hoc networks with dynamic Bayesian games , 2004, 2004 First Annual IEEE Communications Society Conference on Sensor and Ad Hoc Communications and Networks, 2004. IEEE SECON 2004..

[4]  T. Basar,et al.  A game theoretic approach to decision and analysis in network intrusion detection , 2003, 42nd IEEE International Conference on Decision and Control (IEEE Cat. No.03CH37475).

[5]  Philip S. Yu,et al.  Cross-feature analysis for detecting ad-hoc routing anomalies , 2003, 23rd International Conference on Distributed Computing Systems, 2003. Proceedings..

[6]  Sajal K. Das,et al.  Intrusion detection in sensor networks: a non-cooperative game approach , 2004, Third IEEE International Symposium on Network Computing and Applications, 2004. (NCA 2004). Proceedings..

[7]  Karl N. Levitt,et al.  A specification-based intrusion detection system for AODV , 2003, SASN '03.

[8]  David A. Maltz,et al.  A performance comparison of multi-hop wireless ad hoc network routing protocols , 1998, MobiCom '98.

[9]  Vikram Srinivasan,et al.  An analytical approach to the study of cooperation in wireless ad hoc networks , 2005, IEEE Transactions on Wireless Communications.

[10]  Yongkang Xiao,et al.  Game theory models for IEEE 802.11 DCF in wireless ad hoc networks , 2005, IEEE Commun. Mag..

[11]  Yih-Chun Hu,et al.  Packet leashes: a defense against wormhole attacks in wireless networks , 2003, IEEE INFOCOM 2003. Twenty-second Annual Joint Conference of the IEEE Computer and Communications Societies (IEEE Cat. No.03CH37428).

[12]  Yang Li,et al.  Short Paper: A Distributed Cross-Layer Intrusion Detection System for Ad Hoc Networks , 2005, First International Conference on Security and Privacy for Emerging Areas in Communications Networks (SECURECOMM'05).

[13]  Drew Fudenberg,et al.  Game theory (3. pr.) , 1991 .

[14]  Peng Liu,et al.  Incentive-based modeling and inference of attacker intent, objectives, and strategies , 2003, CCS '03.

[15]  Silvia Giordano,et al.  Modelling cooperation in mobile ad hoc networks: a formal description of selfishness , 2003 .

[16]  Yang Li,et al.  MAC layer anomaly detection in ad hoc networks , 2005, Proceedings from the Sixth Annual IEEE SMC Information Assurance Workshop.

[17]  Wenke Lee,et al.  A cooperative intrusion detection system for ad hoc networks , 2003, SASN '03.

[18]  T. Basar,et al.  A game theoretic analysis of intrusion detection in access control systems , 2004, 2004 43rd IEEE Conference on Decision and Control (CDC) (IEEE Cat. No.04CH37601).

[19]  Dharma P. Agrawal,et al.  SVM-based intrusion detection system for wireless ad hoc networks , 2003, 2003 IEEE 58th Vehicular Technology Conference. VTC 2003-Fall (IEEE Cat. No.03CH37484).

[20]  Murali S. Kodialam,et al.  Detecting network intrusions via sampling: a game theoretic approach , 2003, IEEE INFOCOM 2003. Twenty-second Annual Joint Conference of the IEEE Computer and Communications Societies (IEEE Cat. No.03CH37428).

[21]  Udo W. Pooch,et al.  Allocate fair payoff for cooperation in wireless ad hoc networks using Shapley Value , 2004, 18th International Parallel and Distributed Processing Symposium, 2004. Proceedings..