The proposed framework applies two game theoretic models for economic deployment of intrusion detection system (IDS). The first scheme models and analyzes the interaction behaviors of between an attacker and intrusion detection agent within a non-cooperative game, and t More
The proposed framework applies two game theoretic models for economic deployment of intrusion detection system (IDS). The first scheme models and analyzes the interaction behaviors of between an attacker and intrusion detection agent within a non-cooperative game, and then the security risk value is derived from the mixed strategy Nash equilibrium. The second scheme uses the security risk value to compute the Shapley value of intrusion detection agent under the various threat levels. Therefore, the fair agent allocation creates a minimum set of IDS deployment costs. Numerical examples show that the network administrator can quantitatively evaluate the security risk of each intrusion detection agent and easily select the most effective IDS agent deployment to meet the various threat levels.
Manuscript profile
Network intrusion detection systems are tools used to protect network resources from attacks. Due to the spread of attacks in the Internet space and the change in the form and type of attacks from centralized to distributed, the architecture of such systems is also movi More
Network intrusion detection systems are tools used to protect network resources from attacks. Due to the spread of attacks in the Internet space and the change in the form and type of attacks from centralized to distributed, the architecture of such systems is also moving towards distribution. In this article, a method based on mobile agents that act as sensors for detecting invalid movements is proposed. Mobile attack detection agents are scattered in the network moving from one node to another and at any time they build a security upper network and use a kind of cooperative game and communicate with each other, after reaching the Shipley value. They can detect and report the extent and origin of the attack. In this article, a method is proposed that WGA in a non-cooperative game with the attacking element tries to establish a revelation communication in order to calculate the value of Nash and reach the maximum utility, so that it can separate the attacks or real requests, the amount and intensity of the attack with Get help from other WGA
Manuscript profile
