Research Of Dynamic Intrusion Response In Ad Hoc Network Based On Repeated Game

With the development of computer networks, Internet security has got more and more attentions. Especially because of the popularity of mobile devices, wireless network security has become increasingly important. With increasing number of wireless network intrusion occurrence, attacks are becoming increasingly complex, therefore security of target systems protected by IDS appears to be particularly important. However, the current intrusion detection systems, most of current intrusion detection systems response manually and thus cannot achieve desired results. To be able to quickly and timely response to a variety of invasions, more and more researchers study automatic response technology to response the invasions.Adaptive technology is one of the most important technologies in automatic intrusion detection system. Current intrusion detection systems are weak in predicting attack and they cannot provide real-time response. Adaptive technology can handle a variety of uncertain situations and automatically adjust response strategies. What's more, it is the base of other types' automatic Intrusion Response technology. In the perspective of game theory, this paper proposes a dynamic intrusion response model based on repeated games. Main works are as follows:1. Analyzing current intrusion detection system response mechanism in domestic and foreign countries, giving the basic knowledge of game theory, proposing the background, significance and main layout of the research.2. Based on Nash Equilibrium of game theory, combining with the features between attackers and IDS, a forecast mode that can be used in IDS is advanced. After considering the cost and avenue of the players, with the theory of replicator dynamics, we set up the stage game between the attackers and IDS. According to the classic game theory, Nash equilibrium, based on a combination of intrusion detection systems and the game between the recurring features, costs and benefits to the system established based intrusion detection system between the intruder and the stage of the game model, given the stage game. We calculate the Nash equilibrium of the game and find the unique sub-game perfect Nash Equilibrium. With the theory of repeated games and QRE module, we modulate the dynamics changes between the attackers and IDS with different rates of strategies, and forecast the trend of the use of strategies in the long time under current situation. Using Gambit we simulated the trend of the forecast of the two players.3. With GloMoSim simulation tool, we design the attacker and IDS scene in Ad Hoc networks. Under the predictions from QRE, we simulated the actions between attackers and IDS. The results have showed that, the predictive consequence can do intelligent analysis, adaptively respond and modify its strategy. It provides better support for IDS to respond to the Attacker's actions than the general Nash Equilibrium.