Presenting a model for using mobile agents in distributed intrusion detection systems based on game theory
Subject Areas : Generalامین نظارات 1 * , مهدی رجا 2 , Gholamhossein Dastghaibyfard 3
1 -
2 -
3 -
Keywords:
Abstract :
Network intrusion detection systems are tools used to protect network resources from attacks. Due to the spread of attacks in the Internet space and the change in the form and type of attacks from centralized to distributed, the architecture of such systems is also moving towards distribution. In this article, a method based on mobile agents that act as sensors for detecting invalid movements is proposed. Mobile attack detection agents are scattered in the network moving from one node to another and at any time they build a security upper network and use a kind of cooperative game and communicate with each other, after reaching the Shipley value. They can detect and report the extent and origin of the attack. In this article, a method is proposed that WGA in a non-cooperative game with the attacking element tries to establish a revelation communication in order to calculate the value of Nash and reach the maximum utility, so that it can separate the attacks or real requests, the amount and intensity of the attack with Get help from other WGA
1. C. Symantec, “Symantec Corporation,” 10 08 2013. . Available: http://www.symantec.com/index.jsp.
2. P. H. V. L. R. J. Z. H. M. Mel, “An Overview of Issues in Testing Intrusion Detection Systems,” NIST, Gaithersburg, MD, 2002.
3. A. D. V. M. R. D. Keromytis, "SOS: An architecture for mitigating DDoS attacks," IEEE Communications, vol. 22, p. 176–188., 2004.
4. G. V. S. Suryawanshi, “Mobile Agent for Distributed Intrusion detection System in Distributed System,” International Journal of Artificial Intelligence and Computational Research (IJAICR.), p. , 2010.
5. M. A. M. S. M. A. K. &. M. R. M. I. Kamaruzaman Maskat, “Mobile Agents in Intrusion Detection System: Review and Analysis,” Modern Applied Science, جلد 5, شماره 6, pp. 218-231, Dec 2011.
6. R. B. a. P. Mell, “Intrusion detection systems,” 2012 . Available: http://www.snort.org/docs/nistids.pdf.
7. S. E. Schechter, "Computer Security Strength and Risk: A Quantitative Approach," PhD Thesis, Harvard University, 2004.
8. S. E. Schechter, “Toward econometric models of the security risk from remote attacks,” IEEE Security & Privacy, جلد 3, شماره 1, p. 40–44, 2005.
9. D. S. P. J. M. R. K. G. Shaw, “Inside the minds of the insider,” Security Management, جلد 43, p. 34–44., 1999.
10. T. B. T. Alpcan, “A game theoretic approach to decision and analysis in network intrusion detection,” IEEE Conference on Decision and Control, p. 2595–2600, 2003.
11. C.-K. W. Yi-Ming Chen, “A Game Theoretic Framework for Multi-agent Deployment in Intrusion Detection Systems,” Security Informatics, Annals of Information Systems, pp. 117-133, 2010.
12. D. R. B. Mishra, “Cost sharing in a job scheduling problem using the Shapley value,” 2005.
13. P. Z. Liu, “Incentive-basedmodeling and inference of attacker intent, objectives and strategies,” ACM Transactions on Information and System Security, جلد 8, p. 78–118., 2005.
14. A. S. S. Dixit, “Games of Strategy,” 2001. .
15. R. D. M. A. M. a. T. T. L. McKelvey, “Gambit: Software Tools for Game Theory,,” 2007. . Available: http://econweb.tamu.edu/gambit.
16. GAMBIT, “GAMBIT,” 7 2013. . Available: http://www.gambit-project.org/.