A Network Security Game Model
2015, Proceedings of the 5th ACM Conference on Data and Application Security and Privacy
https://doi.org/10.1145/2699026.2699133…
3 pages
Abstract
There have been attempts to model the interaction between users, both malicious and benign, and network administrators as games. Building on such works, we here present a game model which is generic enough to capture various modes of such interactions. The model facilitates stochastic games with imperfect information. The imperfect information is due to erroneous sensors leading to incorrect perception of the current state by the players. To model this error in perception distributed over other multiple states, we use Euclidean distances between inputs from the sensors.
Related papers
Computer Communications, 2008
In this paper, we use game theory to study the problem of detecting intrusions in wired infrastructure networks. Detection is accomplished by sampling a subset of the transmitted packets over selected network links or router interfaces. Given a total sampling budget, our framework aims at developing a network packet sampling strategy to effectively reduce the success chances of an intruder. We consider two different scenarios: (1) A well informed intruder divides his attack over multiple packets in order to increase his chances of successfully intruding a target domain. (2) Different cooperating intruders distribute the attack among themselves, each sending their attack fragments to the target node. Each of the packets containing a fragment of the attack is transmitted through a different path using multipath routing, where each path is selected with a different probability. If these packets are independently analyzed, then the intrusion will not be detected, i.e., a series of packets form an intrusion. To the best of our knowledge, there has not been any work done for the case where the attack is split over multiple packets or distributed over cooperative intruders using game theory. Non-cooperative game theory is used to formally express the problem, where the two players are: (1) the smart intruder or the cooperative intruders (depends on which scenario we are solving) and (2) the Intrusion Detection System (IDS). Our game theoretic framework will guide the intruder or the intruders to know their attack strategy and the IDS to have an optimal sampling strategy in order to detect the malicious packets.
IEEE Communications Surveys & Tutorials, 2000
2009 IEEE International Conference on Communications, 2009
We study two-player security games which can be viewed as sequences of nonzero-sum matrix games where at each stage of the iterations the players make imperfect observations of each other's previous actions. The players are the Attacker and the Defense System, who have at their disposal two possible actions each. For the former, the two actions are "attack" and "not to attack", and for the latter they are "defend" and "not to defend". The underlying decision process can be viewed as a fictitious play (FP) game, but what differentiates this class from the standard one is that the communication channels that carry action information from one player to the other, or the sensor systems, are error prone. Two possible scenarios are addressed in the paper: (i) the error probabilities associated with the sensor systems are known to the players, then our analysis provides guidelines for each player to reach the Nash equilibrium (NE), which is related to the NE of the underlying static game; (ii) the error probabilities are unknown to the players, in which case we study the effect of errors in the observations on the convergence to the NE and the final outcome of the game. We discuss both classical FP and stochastic FP, where for the latter the payoff function of each player includes an entropy term to randomize its own strategy, which can be interpreted as a way of concealing its true strategy.
Given the scale of consequences attributable to cyber attacks, the field of cybersecurity has long outgrown ad-hoc decision-making. A popular choice to provide disciplined decision-making in cybersecurity is Game Theory, which seeks to mathematically understand strategic interaction. In practice though, game-theoretic approaches are scarcely utilized (to our knowledge), highlighting the need to understand the deficit between the existing state-of-the-art and the needs of cybersecurity practitioners. Therefore, we develop a framework to characterize the function and assumptions of existing works as applied to cybersecurity and leverage it to characterize 80 unique technical papers. Then, we leverage this information to analyze the capabilities of the proposed models in comparison to the application-specific needs they are meant to serve, as well as the practicality of implementing the proposed solution. Our main finding is that Game Theory largely fails to incorporate notions of uncertainty critical to the application being considered. To remedy this, we provide guidance in terms of how to incorporate uncertainty in a model, and what forms of uncertainty are critical to consider in each application area, and how to model the information that is available in each application area. CCS Concepts: • Security and privacy → Network security; Intrusion detection systems; • Mathematics of computing → Mathematical analysis.
Proceedings of the 2010 American Control Conference, 2010
We study two-player security games which can be viewed as sequences of nonzero-sum matrix games played by an Attacker and a Defender. The evolution of the game is based on a stochastic fictitious play process. Players do not have access to each other's payoff matrix. Each has to observe the other's actions up to present and plays the action generated based on the best response to these observations. However, when the game is played over a communication network, there are several practical issues that need to be taken into account: First, the players may make random decision errors from time to time. Second, the players' observations of each other's previous actions may be incorrect. The players will try to compensate for these errors based on the information they have. We examine the convergence property of the game in such scenarios, and establish convergence to the equilibrium point under some mild assumptions when both players are restricted to two actions.
2010 43rd Hawaii International Conference on System Sciences, 2010
Network security is a complex and challenging problem. The area of network defense mechanism design has been receiving immense attention from the research community for more than two decades. However, the network security problem is far from completely solved. Researchers have been exploring the applicability of game theoretic approaches to address the network security issues and some of these approaches look promising. This paper surveys the existing game theoretic solutions which are designed to enhance network security and presents a taxonomy for classifying the proposed solutions. This taxonomy should provide the reader with a better understanding of game theoretic solutions to a variety of cyber security problems.
2011
Together with the massive and rapid evolution of computer networks, there has been a surge of research interest and activity surrounding network security recently. A secure network has to provide users with confidentiality, authentication, data integrity and nonrepudiation, and availability and access control, among other features. With the evolution of current attacks
ACKNOWLEDGMENTS
First, I would like to express my sincere thanks to my research adviser at the University of Illinois at Urbana-Champaign (UIUC), Professor Tamer Başar, for his guidance, advice, and support during my Ph.D. studies and research. It has been a great pleasure for me to work with and learn from him. I would also like to thank Professor Tansu Alpcan (Deutsche Telekom Laboratories and the Technical University of Berlin, Germany) for his guidance, advice, and support during my Ph.D. research and my internships at Deutsche Telekom Laboratories. I am grateful to Professor Pierre Moulin, Professor William Sanders, and Professor Rayadurgam Srikant for serving on my Ph.D. committee, and for their valuable comments during my preliminary examination and final defense. I also thank Professor
International Journal of Information Security, 2005
Formal analysis of cryptographic protocols has mainly concentrated on protocols with closed-ended data structures, where closed-ended data structure means that the messages exchanged between principals have fixed and finite format. However, in many protocols the data structures used are open-ended, i.e., messages have an unbounded number of data fields. Formal analysis of protocols with open-ended data structures is one of the challenges pointed out by Meadows. This work studies decidability issues for such protocols. We propose a protocol model in which principals are described by transducers, i.e., finite automata with output, and show that in this model security is decidable and PSPACE-hard in presence of the standard Dolev-Yao intruder.
This paper deals with modeling a network's dynamics using a game theory approach. The process of interaction among players (network users) trying to maximize their payoffs (e.g. throughput) could be analyzed using game-based concepts (Nash equilibrium, Pareto efficiency, evolution stability, etc.). In this work we presented the model of a TCP network's dynamics and proved existence and uniqueness of the solution, formulated the payoff matrix for a network game and found conditions of equilibrium existence depending on the loss sensitivity parameter. We consider the influence of denial of service attacks on the equilibrium characteristics and illustrate results by simulations.
2008
We aim to advance the understanding of individual security decision-making, by combining formal and behavioral analysis. We sketch a game-theoretic model of security decision-making that generalizes the "weakest link" game, and describe a controlled laboratory experiment to reveal differences between predicted and observed user behavior. Results of a pilot study yield possible explanations for behaviors observed in the wild: users show some willingness to experiment with parameters, rarely converge to a fixed behavior, and face difficulties isolating the impact of individual parameters.