In this paper, the game theoretical analysis method is presented to provide optimal strategies for anomaly-based intrusion detection systems (A-IDS). A two-stage game model is established to represent the interactions between the attackers and defenders. In the first stage, the players decide to do actions or keep silence, and in the second stage, attack intensity and detection threshold are considered as two important strategic variables for the attackers and defenders, respectively. The existence, uniqueness, and explicit computation of the Nash equilibrium are analyzed and obtained by considering six different scenarios, from which the optimal detection and attack actions are provided. Numerical examples are provided to validate our theoretical results.

中文翻译：

---

基于异常的入侵检测的博弈论方法

本文提出了一种博弈论分析方法，为基于异常的入侵检测系统（A-IDS）提供最佳策略。建立了一个两阶段博弈模型来表示攻击者和防御者之间的交互。在第一阶段，玩家决定采取行动或保持沉默，在第二阶段，攻击强度和检测阈值分别被视为攻击者和防御者的两个重要战略变量。通过考虑六个不同的场景，分析并获得了纳什均衡的存在性，唯一性和显式计算，从而提供了最佳的检测和攻击动作。数值例子验证了我们的理论结果。