Multi-source fusion-based security detection method for heterogeneous networks

Abstract

In this paper, multi-source fusion-based detection method for the security of heterogeneous network is investigated. Fusion-based detection method exploits multi-source profiles from the whole network to make decisions on whether intrusion incident happens. A game theoretic analysis method for the concerned detection strategy is presented, where the attacker and defender are thought to be rational humans and they always try their best to get their maximum payoffs. A nonzero-sum game model is established to formulate the confrontation between the defender and attacker by considering the detection threshold and attack resource allocation as their strategies. The optimal strategies are then solved by using Nash equilibrium theory. The local optimal attack allocation scheme is firstly presented for heterogeneous network, which shows that with limited resources the attacker should only launch attacks to more valuable nodes and more attack resources should be allocated to more valuable nodes also. Then a general conclusion about the existence of the Nash equilibrium is given, which indicates that the Nash equilibrium must exist despite the attacks types. After that, an iterative method is presented for the calculation of the Nash equilibrium by considering DDoS attack as an example. Numerical simulations are shown to validate our theoretical results.