Proactive Network Defense with Game Theory

Part of the book series: Advances in Information Security (ADIS, volume 74)

Abstract

Traditional proactive network defenses deploy security resources in the network based on probabilistic policies to confuse potential attackers. However, this strategy can be exploited by stealthy attackers, leading to reduced efficiency and higher vulnerability. Game theory has been shown to provide a sound mathematical approach to overcome these deficiencies and determine an optimal defense strategy. However, existing game-theoretic models typically assume either additive utility functions or that the attacker can attack only one target. While such assumptions lead to tractable analyses, they miss key inherent dependencies that exist among different targets in current complex networks. In this chapter, we generalize the traditional security game model to the network scenario. We examine such a general security game from a theoretical perspective and provide a unified theoretical framework. In particular, we show that each security game is equivalent to a combinatorial optimization problem over a set system consisting of the defender’s pure strategy space. The key technique we use is based on a transformation built on polytope projection, together with the ellipsoid method. We also provide several important applications of our framework and show that, for several problem classes, optimal defense strategies can be developed in polynomial time. Our approach paves the way for a deeper investigation into using game-theoretic techniques for designing security mechanisms in networks, and we conclude by outlining a number of important future directions that need to be investigated.

Notes

  1. Compared with traditional measures such as degree and betweenness centrality, the network value provides a more accurate description of the importance of different nodes.

  2. In this example, we adopt the zero-sum game model and assume the defender can protect the nodes with probability 1.

  3. \(A\backslash D\) is the standard set difference, defined by \(A\backslash D = \{x \mid x \in A,\ x \notin D\}\), and is equal to \(A \cap D^c\), where \(D^c\) is the complementary set of subset \(D\).

  4. The notation \((\cdot, \cdot)\) denotes the concatenation operator of vectors.

  5. Note that each vector in \(\varDelta _{N_d}^d\) consists of two parts, \(g_1(q)\) and \(g_2(q)\). Here the corresponding low-dimensional point is \((\pi_S(g_1(q)), \pi_S(g_2(q)))\).

Acknowledgement

This work has been funded in part by a grant from the Army Research Office W911NF-15-1-0277.

Correspondence to Ness Shroff.

© 2019 This is a U.S. government work and not under copyright protection in the U.S.; foreign copyright protection may apply

About this chapter

Cite this chapter

Wang, S., Shroff, N. (2019). Proactive Network Defense with Game Theory. In: Wang, C., Lu, Z. (eds) Proactive and Dynamic Network Defense. Advances in Information Security, vol 74. Springer, Cham. https://doi.org/10.1007/978-3-030-10597-6_2

  • DOI: https://doi.org/10.1007/978-3-030-10597-6_2

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-10596-9

  • Online ISBN: 978-3-030-10597-6

  • eBook Packages: Computer Science, Computer Science (R0)
