{"title":"基于二人贝叶斯博弈论方法的DDoS入侵检测与防御系统","authors":"Logeswari Govindaraj, Bose Sundan, Anitha Thangasamy","doi":"10.1109/ICCCT53315.2021.9711773","DOIUrl":null,"url":null,"abstract":"Distributed Denial-of-Service (DDoS) attacks pose a huge risk to the network and threaten its stability. A game theoretic approach for intrusion detection and prevention is proposed to avoid DDoS attacks in the internet. Game theory provides a control mechanism that automates the intrusion detection and prevention process within a network. In the proposed system, system-subject interaction is modeled as a 2-player Bayesian signaling zero sum game. The game's Nash Equilibrium gives a strategy for the attacker and the system such that neither can increase their payoff by changing their strategy unilaterally. Moreover, the Intent Objective and Strategy (IOS) of the attacker and the system are modeled and quantified using the concept of incentives. In the proposed system, the prevention subsystem consists of three important components namely a game engine, database and a search engine for computing the Nash equilibrium, to store and search the database for providing the optimum defense strategy. The framework proposed is validated via simulations using ns3 network simulator and has acquired over 80% detection rate, 90% prevention rate and 6% false positive alarms.","PeriodicalId":162171,"journal":{"name":"2021 4th International Conference on Computing and Communications Technologies (ICCCT)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2021-12-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":"{\"title\":\"An Intrusion Detection and Prevention System for DDoS Attacks using a 2-Player Bayesian Game Theoretic Approach\",\"authors\":\"Logeswari Govindaraj, Bose Sundan, Anitha Thangasamy\",\"doi\":\"10.1109/ICCCT53315.2021.9711773\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Distributed Denial-of-Service (DDoS) attacks pose a huge risk to the network and threaten its stability. A game theoretic approach for intrusion detection and prevention is proposed to avoid DDoS attacks in the internet. Game theory provides a control mechanism that automates the intrusion detection and prevention process within a network. In the proposed system, system-subject interaction is modeled as a 2-player Bayesian signaling zero sum game. The game's Nash Equilibrium gives a strategy for the attacker and the system such that neither can increase their payoff by changing their strategy unilaterally. Moreover, the Intent Objective and Strategy (IOS) of the attacker and the system are modeled and quantified using the concept of incentives. In the proposed system, the prevention subsystem consists of three important components namely a game engine, database and a search engine for computing the Nash equilibrium, to store and search the database for providing the optimum defense strategy. The framework proposed is validated via simulations using ns3 network simulator and has acquired over 80% detection rate, 90% prevention rate and 6% false positive alarms.\",\"PeriodicalId\":162171,\"journal\":{\"name\":\"2021 4th International Conference on Computing and Communications Technologies (ICCCT)\",\"volume\":\"1 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2021-12-16\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"1\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2021 4th International Conference on Computing and Communications Technologies (ICCCT)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ICCCT53315.2021.9711773\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2021 4th International Conference on Computing and Communications Technologies (ICCCT)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICCCT53315.2021.9711773","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
An Intrusion Detection and Prevention System for DDoS Attacks using a 2-Player Bayesian Game Theoretic Approach
Distributed Denial-of-Service (DDoS) attacks pose a huge risk to the network and threaten its stability. A game theoretic approach for intrusion detection and prevention is proposed to avoid DDoS attacks in the internet. Game theory provides a control mechanism that automates the intrusion detection and prevention process within a network. In the proposed system, system-subject interaction is modeled as a 2-player Bayesian signaling zero sum game. The game's Nash Equilibrium gives a strategy for the attacker and the system such that neither can increase their payoff by changing their strategy unilaterally. Moreover, the Intent Objective and Strategy (IOS) of the attacker and the system are modeled and quantified using the concept of incentives. In the proposed system, the prevention subsystem consists of three important components namely a game engine, database and a search engine for computing the Nash equilibrium, to store and search the database for providing the optimum defense strategy. The framework proposed is validated via simulations using ns3 network simulator and has acquired over 80% detection rate, 90% prevention rate and 6% false positive alarms.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
