Game Theory Based Dynamic Defense Mechanism for SDN

  • Deming Mao
  • Shuwen ZhangEmail author
  • Ling Zhang
  • Yu Feng
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 11806)


Many efforts have been down on tackling the network security issues using game theory, especially studying the dynamic defense mechanism. They mostly concentrated on the traditional networks, while omitting the advantages of SDN (software-defined networks). In this paper, we formulate a new defense framework for SDN, which adopts multistage dynamic defense strategies with the help of a quantization method of attack. The defender may find the behaviors of a particular attacker and make an adaptive response. This framework seeks to support the defender to interact with an attacker following the initial deployment of cyber defenses. Finally, we conduct evaluations to verify the effectiveness of the framework and method proposed in the paper. In the future, we will further study how to improve the defense capability of those critical nodes in SDN, enable more sophisticated responses to attacker behaviors, and improve the defensive situation.


Software-defined network (SDN) Multistage dynamic game Cyber Deception New cyber security Adaptive defense 


  1. 1.
    La, Q.D., Quek, T.Q.S., Lee, J., et al.: Deceptive attack and defense game in honeypot-enabled networks for the internet of things. IEEE Internet of Things J. 3(6), 1025–1035 (2016)CrossRefGoogle Scholar
  2. 2.
    Wang, Q., Tai, W., Tang, Y., et al.: A two-layer game theoretical attack-defense model for a false data injection attack against power systems. Int. J. Electr. Power Energy Syst. 104, 169–177 (2019)CrossRefGoogle Scholar
  3. 3.
    Kreutz, D., Ramos, F., Verissimo, P.: Towards secure and dependable software-defined networks. In: Proceedings of the Second ACM SIGCOMM Workshop on Hot Topics in Software Defined Networking, pp. 55–60. ACM (2013)Google Scholar
  4. 4.
    Ahmad, I., Namal, S., Ylianttila, M., et al.: Security in software defined networks: a survey. IEEE Commun. Surv. Tutor. 17(4), 2317–2346 (2015)CrossRefGoogle Scholar
  5. 5.
    Fugate, S., Ferguson-Walter, K., Mauger, J., et al.: Game Theory for Adaptive Defensive Cyber Deception. Space and Naval Warfare Systems Center Pacific, San Diego, United States (2018)Google Scholar
  6. 6.
    Kovach, N.S., Gibson, A.S., Lamont, G.B.: Hypergame theory: a model for conflict, misperception, and deception. Game Theory 2, 1–20 (2015)MathSciNetCrossRefGoogle Scholar
  7. 7.
    Jajodia, S., Ghosh, A.K., Swarup, V., et al.: Moving Target Defense: Creating Asymmetric Uncertainty for Cyber Threats. Springer, New York (2011). Scholar
  8. 8.
    Dabbagh, M., Hamdaoui, B., Guizani, M., et al.: Software-defined networking security: pros and cons. IEEE Commun. Mag. 53(6), 73–79 (2015)CrossRefGoogle Scholar
  9. 9.
    Akhunzada, A., Ahmed, E., Gani, A., et al.: Securing software defined networks: taxonomy, requirements, and open issues. Commun. Mag. 53(4), 36–44 (2015)CrossRefGoogle Scholar
  10. 10.
    Zhu, J.M., Wang, Q.: Analysis of cyberspace security based on game theory. Chin. J. Netw. Inf. Secur. 1(01), 43–49 (2015)Google Scholar
  11. 11.
    Manshaei, M.H., Zhu, Q., Alpcan, T., et al.: Game theory meets network security and privacy. ACM Comput. Surv. (CSUR) 45(3), 25 (2013)CrossRefGoogle Scholar
  12. 12.
    Kayode, A.B., Babatunde, I.G., Israel, H.D.: DGM approach to network attacker and defender strategies. In: 2013 8th International Conference for Internet Technology and Secured Transactions (ICITST), pp. 313–320. IEEE (2013)Google Scholar
  13. 13.
    Zhang, H.W., Zhang, J., Han, J.H.: Defense strategies selection method based on non-cooperative game attack forecast. Comput. Sci. 43(01), 195–201 (2016)Google Scholar
  14. 14.
    Jiang, W., Fang, B.X.: Defense strategies selection based on attack- defense game model. J. Comput. Res. Dev. 47(12), 714–723 (2014)Google Scholar
  15. 15.
    Carin, L., Cybenko, G., Hughes, J.: Cybersecurity strategies: The queries methodology. Computer 41(8), 20–26 (2008)CrossRefGoogle Scholar
  16. 16.
    Wang, Y.Z., Lin, C., Cheng, X.Q., et al.: Analysis for network attack-defense based on stochastic game model. Chin. J. Comput. 33(09), 1748–1762 (2010)CrossRefGoogle Scholar
  17. 17.
    Gueye, A., Walrand, J.C.: Security in networks: a game-theoretic approach. In: Proceedings of the 47th IEEE Conference on Decision and Control Cancun, pp. 829–834 (2013). Springer, MexicoGoogle Scholar
  18. 18.
    Liu, J., Zhang, H.Q., Liu, Y.: Research on optimal selection of moving target defense policy based on dynamic game with incomplete information. Acta Electronica Sinica 46(01), 82–89 (2018)Google Scholar
  19. 19.
    Zhang, H.W., Li, T.: Optimal active defense based on multistage attack-defense signaling game. Acta Electronica Sinica 45(02), 431–439 (2017)Google Scholar
  20. 20.
    Lin, W.Q., Wang, H., Liu, J.H., et al.: Research on active defense technology in network security based on non-cooperative dynamic game theory. J. Comput. Res. Dev. 48(02), 306–316 (2011)Google Scholar
  21. 21.
    Zhu, J., Song, B., Hang, Q.: Evolution game model of offense-defense for network security based on system dynamics. J. Commun. 35(1), 54–61 (2014)Google Scholar
  22. 22.
    Pingree, L.: Emerging technology analysis: deception techniques and technologies create security technology business opportunities. Gartner Inc. (2015)Google Scholar
  23. 23.
    Tadelis, S.: Game Theory: An Introduction. Princeton University Press, Princeton (2014)zbMATHGoogle Scholar

Copyright information

© Springer Nature Switzerland AG 2019

Authors and Affiliations

  • Deming Mao
    • 1
    • 2
  • Shuwen Zhang
    • 1
    Email author
  • Ling Zhang
    • 1
  • Yu Feng
    • 1
  1. 1.China Electronic Technology Cyber Security Co., Ltd.ChengduChina
  2. 2.Northwestern Polytechnical UniversityXi’anChina

Personalised recommendations