A bandwidth monitoring strategy under uncertainty of the adversary's activity

Andrey Garnaev, Wade Trappe

Research output: Contribution to journalArticlepeer-review

27 Scopus citations


When an adversary illicitly uses spectrum that it is not authorized for, it does so with a purpose in mind, such as to download a file or perhaps engage in a real-time communication session. In this paper, we examine how the incorporation of knowledge related to an adversary's purpose can improve the effectiveness of spectrum scanning protocols. First, we study the difference in the thief's behavior when considering throughput and delay as the two primary QoS parameters he is concerned with. Through our analysis, we show that the detection probability of unlicensed access to spectrum resources depends on the application type. Knowledge of the application type can be incorporated to spectrum scanning to tune better it to detect the thief. To illustrate this, we examine two Bayesian games. In the first game, the scanner wants to minimize the time needed to detect the invader. In the second game, the scanner wants to maximize the detection probability at each time slot by adapting its belief regarding the adversary's activity. In particular, it is shown in the minimizing detection time game that the equilibrium strategies are continuous with respect to priori knowledge of the invader's activity. Meanwhile, for the maximizing detection probability game, the strategies can have a jump discontinuity. This phenomena can be explained as the difference between tactical and strategic decision making: tactical decision making allows short-term, unpredictable moves, while strategic decision making is inclined to predictable moves. Finally, since the bandwidth model used in this paper is general, the conclusion as well as the approach provided can be applied to a variety of different network protection problems.

Original languageEnglish (US)
Article number7362001
Pages (from-to)837-849
Number of pages13
JournalIEEE Transactions on Information Forensics and Security
Issue number4
StatePublished - Apr 1 2016

All Science Journal Classification (ASJC) codes

  • Safety, Risk, Reliability and Quality
  • Computer Networks and Communications


  • Bayes methods
  • Intrusion detection
  • Wireless networks


Dive into the research topics of 'A bandwidth monitoring strategy under uncertainty of the adversary's activity'. Together they form a unique fingerprint.

Cite this