GLIDE: A Game Theory and Data-Driven Mimicking Linkage Intrusion Detection for Edge Computing Networks

摘要

The real-time and high-continuity requirements of the edge computing network gain more and more attention because of its active defence problem, that is, a data-driven complex problem. Due to the dual constraints of the hybrid feature of edge computing networks and the uncertainty of new attack features, implementing active defence measures such as detection, evasion, trap, and control is essential for the security protection of edge computing networks with high real-time and continuity requirements. The basic idea of safe active defence is to make the defence gain more significant than the attack loss. To encounter the new attacks with uncertain features introduced by the ubiquitous transmission network in the edge computing network, this paper investigates the attack behaviour and presents an attack-defence mechanism based on game theory. Based on the idea of dynamic intrusion detection, we utilize the game theory in the field of edge computing network and suggest a data-driven mimicry intrusion detection game model-based technique called GLIDE. The game income of participants and utility computing methods under different deployment strategies are analysed in detail. According to the proof analysis of the Nash equilibrium condition in the model, the contradictory dynamic game relationship is described. Therefore, the optimal deployment strategy of the multiredundancy edge computing terminal intrusion detection service in the edge computing network is obtained by solving the game balance point. The detection probability of the edge computing network for network attacks is improved, and the cost of intrusion detection of the edge computing network is reduced.