Game-theoretic strategies for IDS deployment in peer-to-peer networks

Abstract

This work studies the problem of optimal positioning of Intrusion Detection Systems (IDSs) in a Peer-to-Peer (P2P) environment involving a number of peers and super-peers. This scenario applies to network architectures like that of Gnutella, Skype or Tor, which involve a huge number of leaf-peers and a selected number of super-peers who have higher responsibilities in the network. A malicious entity may become part of the P2P network by joining from any part of the network. It can attack a super-peer and thus disrupt the functioning of the P2P network. Peers may try to secure the network by running IDSs at certain strategically-chosen locations in the network. But a deterministic schedule of running and positioning the IDSs can be observed and thwarted by an adversary. In this paper, we explore the problem of strategically positioning IDSs in a P2P network with a randomized, game-theoretic approach. Our approach distributes the responsibility of running the IDSs between the peers in a randomized fashion and minimizes the probability of a successful attack.