
A Game-Theoretical Approach for Finding Optimal Strategies in a Botnet Defense Model

  • Conference paper

Decision and Game Theory for Security (GameSec 2010)

Part of the book series: Lecture Notes in Computer Science (LNCS, volume 6442)

Abstract

Botnets are networks of computers infected with malicious programs that allow cybercriminals/botnet herders to control the infected machines remotely without the user’s knowledge. In many cases, botnet herders are motivated by economic incentives and try to significantly profit from illegal botnet activity while causing significant economic damage to society. To analyze the economic aspects of botnet activity and suggest feasible defensive strategies, we provide a comprehensive game-theoretical framework that models the interaction between the botnet herder and the defender group (network/computer users). In our framework, the botnet herder’s goal is to intensify his intrusion in a network of computers to pursue economic profits, whereas the defender group’s goal is to defend against the botnet herder’s intrusion. The percentage of infected computers in the network evolves according to a modified SIS (susceptible-infectious-susceptible) epidemic model. For a given level of network defense, we define the strategy of the botnet herder as the solution of a control problem and obtain the optimal strategy as a feedback on the rate of infection. In addition, using a differential game model, we obtain two possible closed-loop Nash equilibrium solutions. They depend on the effectiveness of available defense strategies and control/strategy switching thresholds, specified as rates of infection. The two equilibria are either (1) the defender group defends at maximum level while the botnet herder exerts an intermediate constant intensity attack effort or (2) the defender group applies an intermediate constant intensity defense effort while the botnet herder attacks at full power.




Copyright information

© 2010 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Bensoussan, A., Kantarcioglu, M., Hoe, S. (2010). A Game-Theoretical Approach for Finding Optimal Strategies in a Botnet Defense Model. In: Alpcan, T., Buttyán, L., Baras, J.S. (eds) Decision and Game Theory for Security. GameSec 2010. Lecture Notes in Computer Science, vol 6442. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-17197-0_9


  • DOI: https://doi.org/10.1007/978-3-642-17197-0_9

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-17196-3

  • Online ISBN: 978-3-642-17197-0

  • eBook Packages: Computer Science, Computer Science (R0)
