Title :
A game theoretic approach to control IDS sensitivity
Author :
Mozafari, Niloofar ; Khodayari, Mohsen ; Farhadi, Mohammad-Kazem ; Hamzeh, Ali
Author_Institution :
Sch. of Electr. & Comput. Eng., Shiraz Univ., Shiraz, Iran
Abstract :
Nowadays, computer networks, with the Internet as a prime example, have become an inseparable part of our social lives. Security is among the most important concepts that must be considered in computer networks. An Intrusion Detection System (IDS) is a security tool that enhances the information security paradigm beyond traditional reactive and protective network security. It monitors and analyses the packets received in network systems and signals security problems. Controlling the degree of security is one of the biggest challenges with IDS. An excessive increase in IDS sensitivity may increase system costs and make the system harder to access. On the other hand, an excessive reduction in IDS sensitivity may cause damage to the system due to most attacks going undetected. Balancing these tradeoffs is a problem that the system administrator is unable to handle. In this paper, we propose a game theoretic approach to address the IDS sensitivity degree in the system. In contrast to previous methods, which model the behavior of the attacker and the IDS, our approach models the system and the attacker as a two-player, noncooperative game. We evaluate our model on the famous data set in the security area, and the obtained result is promising.
Keywords :
computer network security; game theory; IDS behavior; IDS sensitivity control; IDS sensitivity degree; IDS sensitivity reduction; Internet; attacker behavior; attacker modelling; computer networks; game theoretic approach; information security paradigm enhancement; intrusion detection system; received packet analysis; received packet monitoring; security tool; social lives; system administrator; system costs; system modelling; two-player-noncooperative game; Ad hoc networks; Educational institutions; Games; Intrusion detection; Nash equilibrium; Sensitivity; Nash Equilibrium; attacker cost; intrusion detection system; sensor cost;
Conference_Title :
Information and Knowledge Technology (IKT), 2013 5th Conference on
Conference_Location :
Shiraz
Print_ISBN :
978-1-4673-6489-8
DOI :
10.1109/IKT.2013.6620042