This is a simple presentation on Game Theory in Network Security. I made it when I was searching for research points for my Master's degree. Still searching for other research points. Any suggestions on research points in network security or network architecture? :)
2. Agenda:
• Introduction
• What is Game Theory?
• Games Classifications
• Game Theory and Network Security
• Examples on Game Theory in Network Security
• Limitations of Game Theory and directions of research
3. Introduction:
• Networks today:
  • Personal
  • Business and governments (more advanced security)
• Security Devices:
  • Preventive (Firewalls)
  • Reactive (Anti-viruses and IDSs)
4. Intrusion Detection System (IDS):
• Monitors the system
• Determines the occurrence of attacks
• Notifies the network administrator or takes a decision on its own (Intrusion Prevention System, IPS)
5. Problems with IDSs:
Not sophisticated enough:
• Source Address
• Encrypted Packets
• False Alarms
Suggested Solution is GAME THEORY
6. What is Game Theory?
• The study of strategic decision making.
• A mathematical tool used to describe and solve games depending on 4 basic elements:
1. Players:
The entities involved in the game, whether human, animal, devices, organizations or any objects that can interact with each other.
7. 2. Actions:
In each move, a player takes an action. Game theory assumes that each player knows the possible actions of the other player(s).
3. Payoff:
The return of each player. It might be positive or negative.
4. Strategies:
A player’s strategy is their plan of action that specifies which action to take based on their knowledge of action history.
8. Types of Games:
According to the previous four elements, games can be classified into:
1- Cooperative and non-cooperative:
Players can communicate while planning in a cooperative game. In non-cooperative games this is not allowed. Mostly this classification is not considered a game classification.
2- Symmetric and asymmetric:
Payoffs depend on the strategy, not the player, in a symmetric game. In asymmetric games, payoffs depend on the player.
9. Types of Games:
3- Zero-sum and non-zero-sum:
A player wins the amount lost by the opponent in a zero-sum game. There is no increase or decrease in resources.
4- Simultaneous and Sequential:
Simultaneous games are games where players move simultaneously, or if they do not move simultaneously, the later players are unaware of the earlier players' actions. Sequential games (or dynamic games) are games where later players have some knowledge about earlier actions.
10. Types of Games:
5- Perfect information and imperfect information:
A game is one of perfect information if all players know the moves previously made by all other players. Thus, only sequential games can be games of perfect information because players in simultaneous games do not know the actions of the other players.
6- Combinatorial games:
Games in which the difficulty of finding an optimal strategy comes from the multiplicity of possible moves.
11. Game Theory in Network Security:
The main scenario:
Attackers launch attacks on network or computer systems, and defenders respond to these attacks.
Main entities:
• System
• Attacker
• IDS or virtual sensors
• Defender
12. Security and Privacy Games in Computer Networks:
Security of physical and MAC layers:
Zero-sum game.
Required by attacker:
Denial of service.
Required by defender:
Communication of transmitter and receiver.
Problem model:
• R(T, R, J)
• Transmitter and receiver seek to minimize R (transmitter can amplify the signal).
• Attacker seeks to maximize R (can add noise).
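The zero-sum model on this slide can be solved directly for a small case. The following is an added example, not part of the original presentation: it finds the minimax solution of a 2x2 zero-sum game in which the attacker (jammer) maximizes R and the transmitter minimizes it. The payoff matrix `R_JAMMING`, the two actions per side, and the function names are constructed assumptions.

```python
from fractions import Fraction

def solve_2x2_zero_sum(R):
    """Solve a 2x2 zero-sum game. R[i][j] is what the jammer (row player,
    maximizer) gains and the transmitter (column player, minimizer) loses."""
    (a, b), (c, d) = [[Fraction(x) for x in row] for row in R]
    row_mins = [min(a, b), min(c, d)]   # jammer's guaranteed R per row
    col_maxs = [max(a, c), max(b, d)]   # transmitter's worst R per column
    maximin, minimax = max(row_mins), min(col_maxs)
    if maximin == minimax:
        # Saddle point: both sides have a pure optimal strategy.
        i, j = row_mins.index(maximin), col_maxs.index(minimax)
        jam = [Fraction(int(k == i)) for k in range(2)]
        tx = [Fraction(int(k == j)) for k in range(2)]
        return {"value": maximin, "jammer": jam, "transmitter": tx}
    # No saddle point: each side mixes so the opponent is indifferent.
    denom = a - b - c + d
    p = (d - c) / denom                 # P(jammer plays row 0)
    q = (d - b) / denom                 # P(transmitter plays column 0)
    return {"value": (a * d - b * c) / denom,
            "jammer": [p, 1 - p], "transmitter": [q, 1 - q]}

def worst_case_R(R, tx_mix):
    """Largest expected R the jammer can force against a transmitter mix."""
    return max(sum(Fraction(r) * w for r, w in zip(row, tx_mix)) for row in R)

# Constructed payoff matrix (not from the slides).
# Rows: jammer adds low / high noise. Columns: transmitter normal / amplified.
R_JAMMING = [[2, 4],
             [6, 1]]

if __name__ == "__main__":
    sol = solve_2x2_zero_sum(R_JAMMING)
    print("game value R* =", sol["value"])
    print("transmitter mix:", sol["transmitter"])
    for name, mix in [("always normal", [1, 0]), ("always amplified", [0, 1]),
                      ("equilibrium mix", sol["transmitter"])]:
        print(name, "-> worst-case R =", worst_case_R(R_JAMMING, mix))
```

With this matrix neither pure transmitter strategy is safe: the equilibrium mix holds the jammer to a lower worst-case R than always transmitting normally or always amplifying.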
13. Security and Privacy Games in Computer Networks:
IDS Configuration:
Stochastic Game
Parameters to be modeled:
• Monetary value of protected assets (w)
• Detection rate (d) and false alarm rate (f)
• Cost of attacking (ca) and monitoring (cm)
• Probability of a node being malicious (m)
Suggested mathematical model:
m < [(1+f)w+cm]/(2d+f-1)w
14. Security and Privacy Games in Computer Networks:
Collaborative IDS Networks:
Modeling is based on trusted value or previous collaborative history.
15. Directions of Research and Limitations:
Research:
• Building game models for 3 or more players.
• Development of proper payoff functions.
• Wireless Networks
Limitations:
• Ad hoc scheme that depends on the case and application itself.
• An IDS’s ability to detect attacks plays an important role in security games modeling.
• Agents aren’t fully rational.
• How to assess and quantify network security? (“We are doomed if we don’t apply more security” / “no need to worry, everything is fine.”)
16. References:
Papers:
1- Game Theory for Network Security
Xiannuan Liang and Yang Xiao, Senior Member, IEEE
2013
2- Game Theory Meets Network Security and Privacy
• Mohammad Hossein Manshaei, Isfahan University of Technology (IUT), Iran
• Quanyan Zhu, University of Illinois at Urbana-Champaign (UIUC), USA
• Tansu Alpcan, University of Melbourne, Australia
• Tamer Basar, University of Illinois at Urbana-Champaign (UIUC), USA
• Jean-Pierre Hubaux, Ecole Polytechnique Federale de Lausanne (EPFL), Switzerland
2011
Links:
For more on Game Theory and more game approaches:
http://en.wikipedia.org/wiki/Game_theory
The International Conference on Game Theory for Networks:
http://gamenets.org/2012/show/home