A Survey on Game-Theoretic Approaches for Intrusion Detection and Response Optimization

Bibliographic Details
Published in ACM computing surveys Vol. 51; no. 5; pp. 1 - 31
Main Authors Kiennert, Christophe, Ismail, Ziad, Debar, Herve, Leneutre, Jean
Format Journal Article
Language English
Published New York, NY, USA ACM 22.08.2018
Association for Computing Machinery
ISSN 0360-0300
1557-7341
DOI 10.1145/3232848


Abstract Intrusion Detection Systems (IDS) are key components for securing critical infrastructures, capable of detecting malicious activities on networks or hosts. However, the efficiency of an IDS depends primarily on both its configuration and its precision. The large amount of network traffic that needs to be analyzed, in addition to the increase in attacks’ sophistication, renders the optimization of intrusion detection an important requirement for infrastructure security, and a very active research subject. In the state of the art, a number of approaches have been proposed to improve the efficiency of intrusion detection and response systems. In this article, we review the works relying on decision-making techniques focused on game theory and Markov decision processes to analyze the interactions between the attacker and the defender, and classify them according to the type of the optimization problem they address. While these works provide valuable insights for decision-making, we discuss the limitations of these solutions as a whole, in particular regarding the hypotheses in the models and the validation methods. We also propose future research directions to improve the integration of game-theoretic approaches into IDS optimization techniques.
ArticleNumber 90
Author Ismail, Ziad
Debar, Herve
Kiennert, Christophe
Leneutre, Jean
Author_xml – sequence: 1
  givenname: Christophe
  surname: Kiennert
  fullname: Kiennert, Christophe
  email: christophe.kiennert@telecom-sudparis.eu
  organization: Télécom SudParis, Évry, France
– sequence: 2
  givenname: Ziad
  orcidid: 0000-0002-9421-5242
  surname: Ismail
  fullname: Ismail, Ziad
  email: ismail.ziad@telecom-paristech.fr
  organization: Télécom ParisTech, Paris, France
– sequence: 3
  givenname: Herve
  surname: Debar
  fullname: Debar, Herve
  email: herve.debar@telecom-sudparis.eu
  organization: Télécom SudParis, Évry, France
– sequence: 4
  givenname: Jean
  surname: Leneutre
  fullname: Leneutre, Jean
  email: jean.leneutre@telecom-paristech.fr
  organization: Télécom ParisTech, Paris, France
BackLink https://hal.science/hal-02009646$$DView record in HAL
ContentType Journal Article
Copyright ACM
Copyright Association for Computing Machinery Jan 2019
Distributed under a Creative Commons Attribution 4.0 International License
DOI 10.1145/3232848
Discipline Computer Science
EISSN 1557-7341
EndPage 31
ISSN 0360-0300
IsPeerReviewed true
IsScholarly true
Issue 5
Keywords MDP
IDS
Intrusion detection and response
optimization
game theory
Language English
License Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from Permissions@acm.org
Distributed under a Creative Commons Attribution 4.0 International License: http://creativecommons.org/licenses/by/4.0
ORCID 0000-0002-9421-5242
0000-0003-1943-1583
0000-0002-1344-4167
0000-0003-1819-3341
PublicationCentury 2000
PublicationDate 2018-08-22
PublicationDateYYYYMMDD 2018-08-22
PublicationDate_xml – month: 08
  year: 2018
  text: 2018-08-22
  day: 22
PublicationDecade 2010
PublicationPlace New York, NY, USA
PublicationPlace_xml – name: New York, NY, USA
– name: Baltimore
PublicationTitle ACM computing surveys
PublicationTitleAbbrev ACM CSUR
PublicationYear 2018
Publisher ACM
Association for Computing Machinery
Publisher_xml – name: ACM
– name: Association for Computing Machinery
– reference: R. J. Aumann. 1997. Rationality and Bounded Rationality. Springer, Berlin, 219--231.
– reference: K. Sallhammar, B. E. Helvik, and S. J. Knapskog. 2005. Incorporating attacker behavior in stochastic models of security. In Proceedings of the 2005 International Conference on Security and Management.
– reference: A. Rubinstein. 1991. Comments on the interpretation of game theory. Econometrica 59, 4 (1991), 909--924.
– reference: H. Otrok, N. Mohammed, L. Wang, M. Debbabi, and P. Bhattacharya. 2008b. A Game-theoretic intrusion detection model for mobile ad hoc networks. Computer Communications 31, 4 (2008), 708--721. 10.1016/j.comcom.2007.10.024
– reference: R. Aumann and A. Brandenburger. 1995. Epistemic conditions for Nash equilibrium. Econometrica 63, 5 (1995), 1161--1180.
– reference: C. A. Catania and C. G. Garino. 2012. Automatic network intrusion detection: Current techniques and open issues. Computers and Electrical Engineering 38, 5 (2012), 1062--1072. 10.1016/j.compeleceng.2012.05.013
– reference: J. McHugh. 2000. Testing intrusion detection systems: A critique of the 1998 and 1999 DARPA intrusion detection system evaluations as performed by Lincoln laboratory. ACM Transactions on Information and System Security 3, 4 (2000), 262--294. 10.1145/382912.382923
– reference: A. H. Farooqi and F. A. Khan. 2009. Intrusion detection systems for wireless sensor networks: A survey. Communication and Networking. Springer, Berlin, 234--241.
– reference: L. Chen and J. Leneutre. 2009. A game theoretical framework on intrusion detection in heterogeneous networks. IEEE Transactions on Information Forensics and Security 4, 2 (2009), 165--178. 10.1109/TIFS.2009.2019154
– reference: Z. Ismail, C. Kiennert, J. Leneutre, and L. Chen. 2017. A game theoretical model for optimal distribution of network security resources. In Proceedings of the 8th Conference on Decision and Game Theory for Security (GameSec’17).
– reference: Y. W. Law, T. Alpcan, and M. Palaniswami. 2015. Security games for risk minimization in automatic generation control. IEEE Transactions on Power Systems 30, 1 (2015), 223--232.
– reference: D. Fudenberg. 1998. The Theory of Learning in Games. MIT Press.
– reference: A. L. Buczak and E. Guven. 2016. A survey of data mining and machine learning methods for cyber security intrusion detection. IEEE Communications Surveys and Tutorials 18, 2 (2016), 1153--1176.
– reference: Y. Chen and R. Sion. 2011. To cloud or not to cloud?: Musings on costs and viability. In Proceedings of the 2nd ACM Symposium on Cloud Computing. 10.1145/2038916.2038945
– reference: B. An, E. Shieh, R. Yang, M. Tambe, C. Baldwin, J. DiRenzo, B. Maule, and G. Meyer. 2012. PROTECT—A deployed game-theoretic system for strategic security allocation for the United States Coast Guard. AI Magazine 33 (2012), 96--110.
– reference: A. Milenkoski, M. Vieira, S. Kounev, A. Avritzer, and B. D. Payne. 2015. Evaluating computer intrusion detection systems: A survey of common practices. ACM Computing Surveys 48, 1 (2015). 10.1145/2808691
– reference: S. Shen, R. Han, L. Guo, W. Li, and Q. Cao. 2012. Survivability evaluation towards attacked WSNs based on stochastic game and continuous-time Markov chain. Applied Soft Computing 12, 5 (2012), 1467--1476. 10.1016/j.asoc.2012.01.009
– reference: K. C. Nguyen, T. Alpcan, and T. Basar. 2009. Stochastic games for security in networks with interdependent nodes. In Proceedings of the International Conference on Game Theory for Networks (GameNets’09).
– reference: Q. Zhu, H. Tembine, and T. Basar. 2010. Network security configurations: A nonzero-sum stochastic game approach. In Proceedings of the 2010 American Control Conference.
– reference: S. A. Zonouz, H. Khurana, W. H. Sanders, and T. M. Yardley. 2014. RRE: A game-theoretic intrusion response and recovery engine. IEEE Transactions on Parallel and Distributed Systems 25, 2 (2014), 395--406. 10.1109/TPDS.2013.211
– reference: J. von Neumann. 1928. Zur Theorie der Gesellschaftsspiele. Mathematische Annalen 100, 1 (1928), 295--320.
– reference: N. Stakhanova, S. Basu, and J. Wong. 2007. A taxonomy of intrusion response systems. International Journal of Information and Computer Security 1, 1/2 (2007), 169--184. 10.1504/IJICS.2007.012248
– reference: S. Axelsson. 2000a. The base-rate fallacy and the difficulty of intrusion detection. ACM Transactions on Information and System Security 3, 3 (2000), 186--205. 10.1145/357830.357849
– reference: MATLAB. 2010. Version 7.10.0 (R2010a). The MathWorks Inc.
– reference: A. Fielder, E. Panaousis, P. Malacaria, C. Hankin, and F. Smeraldi. 2015. Comparing decision support approaches for cyber security investment. CoRR abs/1502.05532 (2015).
– reference: H. Otrok, M. Mehrandish, C. Assi, M. Debbabi, and P. Bhattacharya. 2008a. Game theoretic models for detecting network intrusions. Computer Communications 31, 10 (2008), 1934--1944. 10.1016/j.comcom.2007.12.028
– reference: G. Gonzalez Granadillo, H. Debar, G. Jacob, C. Gaber, and M. Achemlal. 2012. Individual countermeasure selection based on the return on response investment index. Computer Network Security. Springer, Berlin, 156--170. 10.1007/978-3-642-33704-8_14
– reference: X. Liang and Y. Xiao. 2013. Game theory for network security. IEEE Communications Surveys and Tutorials 15, 1 (2013), 472--486.
– reference: C. Alexander. 2009. Market Risk Analysis: Value-at-Risk Models. Vol. 4. Wiley.
– reference: FIRST 2015. Common Vulnerability Scoring System v3.0: Specification Document. FIRST.
– reference: W. Sonnenreich, J. Albanese, and B. Stout. 2006. Return on security investment (ROSI): A practical quantitative model. Journal of Research and Practice in Information Technology 38, 1 (2006), 45--56.
– reference: H. Moosavi and F. M. Bui. 2014b. A game-theoretic framework for robust optimal intrusion detection in wireless sensor networks. IEEE Transactions on Information Forensics and Security 9, 9 (2014), 1367--1379. 10.1109/TIFS.2014.2332816
StartPage 1
SubjectTerms Communications traffic
Computer Science
Computing methodologies
Cryptography and Security
Cybersecurity
Decision analysis
Decision making
Decision theory
Game theory
Intrusion detection systems
Intrusion/anomaly detection and malware mitigation
Machine learning
Machine learning approaches
Machine learning theory
Markov decision processes
Markov processes
Optimization
Optimization techniques
Security and privacy
Stochastic games
Theory and algorithms for application domains
Theory of computation
SubjectTermsDisplay Computing methodologies -- Machine learning -- Machine learning approaches -- Stochastic games
Security and privacy -- Intrusion/anomaly detection and malware mitigation -- Intrusion detection systems
Theory of computation -- Theory and algorithms for application domains -- Machine learning theory -- Markov decision processes
Title A Survey on Game-Theoretic Approaches for Intrusion Detection and Response Optimization
URI https://dl.acm.org/doi/10.1145/3232848
https://www.proquest.com/docview/2175284565
https://hal.science/hal-02009646
Volume 51