[1]林辉,陈行,陶军.基于静态非合作博弈的网络报文取样模型[J].东南大学学报(自然科学版),2010,40(3):481-485.[doi:10.3969/j.issn.1001-0505.2010.03.009]
 Lin Hui,Chen Hang,Tao Jun.Network packets sampling modeling based on static non-cooperative game[J].Journal of Southeast University (Natural Science Edition),2010,40(3):481-485.[doi:10.3969/j.issn.1001-0505.2010.03.009]
点击复制

基于静态非合作博弈的网络报文取样模型()
分享到:

《东南大学学报(自然科学版)》[ISSN:1001-0505/CN:32-1178/N]

卷:
40
期数:
2010年第3期
页码:
481-485
栏目:
计算机科学与工程
出版日期:
2010-05-20

文章信息/Info

Title:
Network packets sampling modeling based on static non-cooperative game
作者:
林辉1 陈行2 陶军12
1 南京大学商学院,南京 210093; 2 东南大学计算机科学与工程学院,南京 210096
Author(s):
Lin Hui1 Chen Hang2 Tao Jun12
1 School of Business, Nanjing University,Nanjing 210093,China
2 School of Computer Science and Engineering, Southeast University, Nanjing 210096, China
关键词:
博弈论 Nash均衡 网络入侵 报文取样
Keywords:
game theory Nash equilibrium network intrusion packet sampling
分类号:
F224.32;U459.2
DOI:
10.3969/j.issn.1001-0505.2010.03.009
摘要:
为了提高网络入侵检测系统的性能,运用博弈论建立网络入侵报文取样模型.基于静态非合作博弈的分析思路,通过网络安全系统和网络攻击者调整自身的策略以取得最大化的效用,推导出混合策略Nash均衡的解析解,并根据该策略设计了网络报文动态取样算法(DDPSA)和集中式增量取样算法(CIPSA),以等概率攻击、随机攻击和博弈攻击等3种方式的攻击报文来检验2种算法的性能.仿真结果表明,CIPSA算法比DDPSA算法更为有效.CIPSA算法在3种攻击方式下均有相同的取样成功率,不仅表明CIPSA算法的稳定性,也验证了入侵报文取样模型混合策略的合理性.
Abstract:
In order to improve the performance of network intrusion detection systems,game theory is introduced to model intrusion packet sampling for network security. Based on the analysis approach of static non-cooperative game theory, the closed solution of the mixed strategy Nash equilibrium is derived by means such that both network defender and attacker adjusted their strategies to maximize their utility. A dynamic packets sampling algorithm(DDPSA)and a centralized increment packets sampling algorithm(CIPSA)are designed according to the mixed strategy. By the three intrusion packets sampling on equal-probability,randomness and game-theory attacking modes, the effectiveness of the both two algorithms are inspected. The results of simulation indicate that the CIPSA has more effective utilities than the DDSPA. Moreover, the CIPSA has the same packets sampling effectiveness under the three attacking modes, which indicate the stability of the CIPSA and the rationality of a mixed strategy in this network intrusion packet sampling model.

参考文献/References:

[1] Uribe T E,Cheung S.Automatic analysis of firewall and network intrusion detection system configurations [J].Journal of Computer Security,2007,15(6):663-687.
[2] Altman E,Boulogne T,El-Azouzi R,et al.A survey on networking games in telecommunications [J]. Computers and Operations Research,2006,33(2):286-311.
[3] Alpcan T,Basar T.A game theoretic approach to decision and analysis in network intrusion detection [C] //Proceedings of the 42nd IEEE Conference on Decision and Control.Maui,Hawaii,USA,2003:2595-2600.
[4] Liu Y,Comaniciu C,Man H.Modeling misbehavior in ad hoc networks:a game theoretic approach for intrusion detection [J]. International Journal of Security and Networks,2006,1(3/4):243-254.
[5] Otrok H,Mehrandish M,Assi C,et al.Game theoretic models for detecting network intrusions [J].Computer Communications,2008,31(10):1934-1944.
[6] Alpcan T,Basar T.A game theoretic analysis of intrusion detection in access control systems [C] //Proceedings of the 43rd IEEE Conference on Decision and Control.Atlantis,Bahamas,2004:1568-1573.
[7] Kodialam M,Lakshman T V.Detecting network intrusions via sampling:a game theoretic approach [C] //IEEE INFOCOM.San Francisco,USA,2003:1880-1889.
[8] Felegyhazi M,Cagalj M,Bidokhti S S,et al.Non-cooperative multi-radio channel allocation in wireless networks [C] //IEEE INFOCOM.Anchorage,AK,USA,2007:1442-1450.
[9] Felegyhazi M,Hubaux J-P,Buttyan L.Nash equilibria of packet forwarding strategies in wireless ad hoc networks [J]. IEEE Transactions on Mobile Computing,2006,5(5):463-476.
[10] 陶军,林辉.非合作流速与拥塞控制博弈的应用[J].东南大学学报:自然科学版,2006,36(1):52-57.
  Tao Jun,Lin Hui.Application and research on non-cooperative flow and congestion control game[J].Journal of Southeast University:Natural Science Edition,2006,36(1):52-57.(in Chinese)
[11] Webb J N. Game theory:decisions,interaction and evolution [M].London:Springer-Verlag,2007.

相似文献/References:

[1]陶军,林辉.非合作流速与拥塞控制博弈的应用[J].东南大学学报(自然科学版),2006,36(1):52.[doi:10.3969/j.issn.1001-0505.2006.01.011]
 Tao Jun,Lin Hui.Application and research on non-cooperative flow and congestion control game[J].Journal of Southeast University (Natural Science Edition),2006,36(3):52.[doi:10.3969/j.issn.1001-0505.2006.01.011]
[2]陶军,吴家皋,刘业.无限重复流速与拥塞控制博弈实例的应用[J].东南大学学报(自然科学版),2005,35(6):853.[doi:10.3969/j.issn.1001-0505.2005.06.005]
 Tao Jun,Wu Jiagao,Liu Ye.Application of examples of infinite repeated flow and congestion control game[J].Journal of Southeast University (Natural Science Edition),2005,35(3):853.[doi:10.3969/j.issn.1001-0505.2005.06.005]
[3]黄园高,周晶.收费公路和公共交通之间的定价博弈分析[J].东南大学学报(自然科学版),2004,34(2):268.[doi:10.3969/j.issn.1001-0505.2004.02.030]
 Huang Yuangao,Zhou Jing.Fare competition between highway and public transport[J].Journal of Southeast University (Natural Science Edition),2004,34(3):268.[doi:10.3969/j.issn.1001-0505.2004.02.030]
[4]陶向京,盛昭瀚.Cournot均衡与企业产品竞争战略[J].东南大学学报(自然科学版),1999,29(4):7.[doi:10.3969/j.issn.1001-0505.1999.04.002]
 Tao Xiangjing,Sheng Zhaohan.Cournot Equilibrium and Competitive Strategies of Firm’s Products[J].Journal of Southeast University (Natural Science Edition),1999,29(3):7.[doi:10.3969/j.issn.1001-0505.1999.04.002]

备注/Memo

备注/Memo:
作者简介: 林辉(1972—),男,博士,副教授,linhui@nju.edu.cn.
基金项目: 国家自然科学基金资助项目(70501013).
引文格式: 林辉,陈行,陶军.基于静态非合作博弈的网络报文取样模型[J].东南大学学报:自然科学版,2010,40(3):481-485. [doi:10.3969/j.issn.1001-0505.2010.03.009]
更新日期/Last Update: 2010-05-20