Abstract
Many efforts have been down on tackling the network security issues using game theory, especially studying the dynamic defense mechanism. They mostly concentrated on the traditional networks, while omitting the advantages of SDN (software-defined networks). In this paper, we formulate a new defense framework for SDN, which adopts multistage dynamic defense strategies with the help of a quantization method of attack. The defender may find the behaviors of a particular attacker and make an adaptive response. This framework seeks to support the defender to interact with an attacker following the initial deployment of cyber defenses. Finally, we conduct evaluations to verify the effectiveness of the framework and method proposed in the paper. In the future, we will further study how to improve the defense capability of those critical nodes in SDN, enable more sophisticated responses to attacker behaviors, and improve the defensive situation.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
La, Q.D., Quek, T.Q.S., Lee, J., et al.: Deceptive attack and defense game in honeypot-enabled networks for the internet of things. IEEE Internet of Things J. 3(6), 1025–1035 (2016)
Wang, Q., Tai, W., Tang, Y., et al.: A two-layer game theoretical attack-defense model for a false data injection attack against power systems. Int. J. Electr. Power Energy Syst. 104, 169–177 (2019)
Kreutz, D., Ramos, F., Verissimo, P.: Towards secure and dependable software-defined networks. In: Proceedings of the Second ACM SIGCOMM Workshop on Hot Topics in Software Defined Networking, pp. 55–60. ACM (2013)
Ahmad, I., Namal, S., Ylianttila, M., et al.: Security in software defined networks: a survey. IEEE Commun. Surv. Tutor. 17(4), 2317–2346 (2015)
Fugate, S., Ferguson-Walter, K., Mauger, J., et al.: Game Theory for Adaptive Defensive Cyber Deception. Space and Naval Warfare Systems Center Pacific, San Diego, United States (2018)
Kovach, N.S., Gibson, A.S., Lamont, G.B.: Hypergame theory: a model for conflict, misperception, and deception. Game Theory 2, 1–20 (2015)
Jajodia, S., Ghosh, A.K., Swarup, V., et al.: Moving Target Defense: Creating Asymmetric Uncertainty for Cyber Threats. Springer, New York (2011). https://doi.org/10.1007/978-1-4614-0977-9
Dabbagh, M., Hamdaoui, B., Guizani, M., et al.: Software-defined networking security: pros and cons. IEEE Commun. Mag. 53(6), 73–79 (2015)
Akhunzada, A., Ahmed, E., Gani, A., et al.: Securing software defined networks: taxonomy, requirements, and open issues. Commun. Mag. 53(4), 36–44 (2015)
Zhu, J.M., Wang, Q.: Analysis of cyberspace security based on game theory. Chin. J. Netw. Inf. Secur. 1(01), 43–49 (2015)
Manshaei, M.H., Zhu, Q., Alpcan, T., et al.: Game theory meets network security and privacy. ACM Comput. Surv. (CSUR) 45(3), 25 (2013)
Kayode, A.B., Babatunde, I.G., Israel, H.D.: DGM approach to network attacker and defender strategies. In: 2013 8th International Conference for Internet Technology and Secured Transactions (ICITST), pp. 313–320. IEEE (2013)
Zhang, H.W., Zhang, J., Han, J.H.: Defense strategies selection method based on non-cooperative game attack forecast. Comput. Sci. 43(01), 195–201 (2016)
Jiang, W., Fang, B.X.: Defense strategies selection based on attack- defense game model. J. Comput. Res. Dev. 47(12), 714–723 (2014)
Carin, L., Cybenko, G., Hughes, J.: Cybersecurity strategies: The queries methodology. Computer 41(8), 20–26 (2008)
Wang, Y.Z., Lin, C., Cheng, X.Q., et al.: Analysis for network attack-defense based on stochastic game model. Chin. J. Comput. 33(09), 1748–1762 (2010)
Gueye, A., Walrand, J.C.: Security in networks: a game-theoretic approach. In: Proceedings of the 47th IEEE Conference on Decision and Control Cancun, pp. 829–834 (2013). Springer, Mexico
Liu, J., Zhang, H.Q., Liu, Y.: Research on optimal selection of moving target defense policy based on dynamic game with incomplete information. Acta Electronica Sinica 46(01), 82–89 (2018)
Zhang, H.W., Li, T.: Optimal active defense based on multistage attack-defense signaling game. Acta Electronica Sinica 45(02), 431–439 (2017)
Lin, W.Q., Wang, H., Liu, J.H., et al.: Research on active defense technology in network security based on non-cooperative dynamic game theory. J. Comput. Res. Dev. 48(02), 306–316 (2011)
Zhu, J., Song, B., Hang, Q.: Evolution game model of offense-defense for network security based on system dynamics. J. Commun. 35(1), 54–61 (2014)
Pingree, L.: Emerging technology analysis: deception techniques and technologies create security technology business opportunities. Gartner Inc. (2015)
Tadelis, S.: Game Theory: An Introduction. Princeton University Press, Princeton (2014)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2019 Springer Nature Switzerland AG
About this paper
Cite this paper
Mao, D., Zhang, S., Zhang, L., Feng, Y. (2019). Game Theory Based Dynamic Defense Mechanism for SDN. In: Chen, X., Huang, X., Zhang, J. (eds) Machine Learning for Cyber Security. ML4CS 2019. Lecture Notes in Computer Science(), vol 11806. Springer, Cham. https://doi.org/10.1007/978-3-030-30619-9_21
Download citation
DOI: https://doi.org/10.1007/978-3-030-30619-9_21
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-30618-2
Online ISBN: 978-3-030-30619-9
eBook Packages: Computer ScienceComputer Science (R0)