Joint Security-vs-QoS Game Theoretical Optimization for Intrusion Response Mechanisms for Future Network Systems

TL;DR

This paper formulates a joint security and QoS optimization problem for intrusion response systems, using game theory to select cost-effective countermeasures while balancing security and performance in network systems.

Contribution

It introduces a novel game-theoretic model for joint security and QoS optimization in intrusion response, with stable matching solutions and theoretical bounds.

Findings

Proposed stable matching-based solutions effectively balance security and QoS costs.

Validated the approach through simulations under various network scenarios.

Achieved near-optimal security and performance trade-offs in simulated environments.

Abstract

Network connectivity exposes the network infrastructure and assets to vulnerabilities that attackers can exploit. Protecting network assets against attacks requires the application of security countermeasures. Nevertheless, employing countermeasures incurs costs, such as monetary costs, along with time and energy to prepare and deploy the countermeasures. Thus, an Intrusion Response System (IRS) shall consider security and QoS costs when dynamically selecting the countermeasures to address the detected attacks. This has motivated us to formulate a joint Security-vs-QoS optimization problem to select the best countermeasures in an IRS. The problem is then transformed into a matching game-theoretical model. Considering the monetary costs and attack coverage constraints, we first derive the theoretical upper bound for the problem and later propose stable matching-based solutions to address the trade-off. The performance of the proposed solution, considering different settings, is validated over a series of simulations.