Abstract
In Cloud Computing environment, the availability, authentication and integrity became a more challenging problem. Indeed, the classical solutions of security based on intrusion detection system and firewalls are easily bypassed by experienced attackers. In addition, the use of different technologies in term of security didn’t mitigate the attack considerably. To achieve network system’s security with the complexity and the diversity of attack types is too difficult and costly. However, to make them more resistant to attacks, anomaly-based Intrusion Prevention System (IPS) are used. Such systems take into consideration the probability of legitimacy of a packet if it didn’t match any signature of malicious packets. In this paper, a competitive normal form game is developed based on the probability of packets’ legitimacy and the trust that an IPS has over the owner of the packet. Furthermore, a decision is made about dropping, accepting or testing packet in the network, and different Nash Equilibriums are calculated based on the system’s parameters. Our approach demonstrated its feasibility in term of prediction of the cases in which the system could be compromised and the actions that should be performed in case of an intrusion.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Mell, P., Grance, T.: The NIST definition of cloud computing (2011)
Hock, F., Kortiš, P.: Commercial and open-source based Intrusion Detection System and Intrusion Prevention System (IDS/IPS) design for an IP networks. In: 13th International Conference on Emerging eLearning Technologies and Applications (ICETA), Slovakia, pp. 1–4. IEEE (2015)
Garcia-Teodoro, P., Diaz-Verdejo, J., Macia-Fernandez, G., Vazquez, E.: Anomaly-based network intrusion detection: techniques, systems and challenges. Comput. Secur. 28(1), 18–28 (2009)
Ajay Kumara, M.A, Jaidhar, C.D: Hypervisor and virtual machine dependent intrusion detection and prevention system for virtualized cloud environment. In: 1st International Conference on Telematics and Future Generation Networks (TAFGEN), Malaysia, pp. 28–33. IEEE (2015)
El Mir, I., Kim, D.S., Haqiq, A.: Security modeling and analysis of an intrusion tolerant cloud data center. In: Third World Conference Complex Systems (WCCS), Morocco, pp. 1–6. IEEE (2015)
El Mir, I., Kim, D.S., Haqiq, A.: Security modeling and analysis of a self-cleansing intrusion tolerance technique. In: 11th International Conference Information Assurance and Security (IAS), Morocco, pp. 111–117. IEEE (2015)
El Mir, I., Kandoussi, E.M., Hanini, M., Kim, D.S., Haqiq, A.: A game theoretic approach based virtual machine migration for cloud environment security. Int. J. Commun. Netw. Inf. Secur. (IJCNIS) 3(9), 345–357 (2017)
Wu, Q., Shiva, S., Roy, S., Ellis, C., Datla, V.: On modeling and simulation of game theory based defense mechanisms against Dos and DDoS attacks. In: The spring Simulation Multiconference, pp. 312–318. ACM, San Diego (2010)
Ibidunmoye, E.O., Alese, B.K., Ogundele, O.S.: Modeling attacker-defender interaction as a zero-sum stochastic game. J. Comput. Sci. Appl. 2(1), 27–32 (2013)
Alpcan, T., Basar, T.: Network Security: A Decision and Game-Theoretic Approach. Cambridge University Press, New York (2010)
Kamhoua, C.A., Kwiat, L., Kwiat, K.A., Park, J.S., Zhao, M., Rodriguez, M.: Game theoretic modeling of security and interdependency in a public cloud. In: 7th International Conference Cloud Computing (CLOUD), USA, pp. 514–521. IEEE (2014)
Kwiat, L., Kamhoua, C.A., Kwiat, K.A., Tang, J., Martin, A.: Security-aware virtual machine allocation in the cloud: a game theoretic approach. In: 8th International Conference Cloud Computing (CLOUD), New York, pp. 556–563. IEEE (2015)
Van, N.T., Thinh, T.N., Sach, L.T.: An anomaly-based network intrusion detection system using deep learning. In: 2017 International Conference on System Science and Engineering (ICSSE), Ho Chi Minh City, pp. 210–214. IEEE (2017)
Subba, B., Biswas, S., Karmakar, S.: False alarm reduction in signature-based IDS: game theory approach. Secur. Commun. Netw. 18(9), 4863–4881 (2016)
Wang, K., Du, M., Maharjan, S., et al.: Strategic honeypot game model for distributed denial of service attacks in the smart grid. IEEE Trans. Smart Grid 5(8), 2474–2482 (2017)
Nezarat, A., Shams, Y.: A game theoretic-based distributed detection method for VM-to-hypervisor attacks in cloud environment. J. Supercomput. 10(73), 4407–4427 (2017)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2018 Springer International Publishing AG
About this paper
Cite this paper
Kandoussi, E.M., El Mir, I., Hanini, M., Haqiq, A. (2018). Modeling an Anomaly-Based Intrusion Prevention System Using Game Theory. In: Abraham, A., Haqiq, A., Muda, A., Gandhi, N. (eds) Innovations in Bio-Inspired Computing and Applications. IBICA 2017. Advances in Intelligent Systems and Computing, vol 735. Springer, Cham. https://doi.org/10.1007/978-3-319-76354-5_24
Download citation
DOI: https://doi.org/10.1007/978-3-319-76354-5_24
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-76353-8
Online ISBN: 978-3-319-76354-5
eBook Packages: EngineeringEngineering (R0)