Game Theory in Network Security

Agenda:

•Introduction•What is The Game Theory?•Games Classifications•Game Theory and Network Security•Examples on Game Theory in Network Security•Limitations of Game Theory and directions of research

Introduction:

• Networks today:• Personal• Business and governments (more advanced security)

• Security Devices:• Preventive (Firewalls)• Reactive (Anti-viruses and IDSs)

Intrusion Detection System (IDS):• Monitors the system• Determine the occurrence of attacks• Notify network administrator or takes decision

on it’s own (Intrusion Prevention System IPS)

Problems with IDSs:

Not sophisticated enough:• Source Address• Encrypted Packets• False Alarms

Suggested Solution is GAME THEORY.

What is Game Theory?

• The study of strategic decision making.

• A mathematical tool used to describe and solve games depending on 4 basic elements:

1. Players: The entities involved in the game whether human, animal, devices, organizations or any objects that caninteract with each other.

2. Actions: In each move, a player takes an action. Game theory assumes that each player knows the possible action of other player(s).

3. Payoff: The return of each player. It might be positive or negative.

4. Strategies: A player’s strategy is their plan of action that specifies which actionto take based on their knowledge ofaction history.

Types of Games:According to the past four elements, games can be classified into:

1- Cooperative and non-cooperative: Players can communicate while planning in a cooperative game. In non-cooperative games this is not allowed. Mostly this classification is not considered a game classification.

2- Symmetric and asymmetric:Payoffs depend on the strategy not the player in a symmetric game. In asymmetricgames, payoffs depend on the player.

Types of Games:3- Zero- sum and non-zero -sum: A player wins the amount loosed by the opponent in a zero sum game.No increasing or decreasing in resources.

4- Simultaneous and Sequential:Simultaneous games are games where players move simultaneously,or if they do not move simult-aneously, the later players areunaware of the earlier players' actions.Sequential games (or dynamic games)are games where later players have some knowledge about earlier actions.

Types of Games:5- Perfect information and imperfect information:A game is one of perfect information if all players know the moves previously made byall other players. Thus, only sequential games can be games of perfectinformation because players in simultaneous games do not knowthe actions of the other players.

6- Combinatorial gamesGames in which the difficulty of finding an optimal strategy comes from themultiplicity of possible moves.

Game Theory in Network Security:

The main scenario:Attackers launch attacks onnetwork or computer systems, and defenders respond to these attacks.

Main entities:• System• Attacker• IDS or virtual sensors • Defender

Security and Privacy Games in Computer Networks:Security of physical and MAC layers:

Zero- sum game.

Required by attacker:

Denial of service.

Required by defender:

Communication of transmitter and receiver.

Problem model:• R(T, R, J)• Transmitter and receiver seek to minimize R ( transmitter can amplify the signal).• Attacker seeks to maximize R ( can add noise).

Security and Privacy Games in Computer Network:IDS Configuration:Stochastic Game

Parameters to be modeled:• Monetary value of protected assets (w)• Detection rate (d) and false alarm rate (f)• Cost of attacking (ca) and monitoring (cm)• Probability of a node being malicious (m)

Suggested mathematical model: m < [(1+f)w+cm]/(2d+f-1)w

Security and Privacy Games in Computer Networks:Collaborative IDS Networks:

Modeling is based on trusted value or previous collaborative history.

Directions of Research and Limitations:Research:• Building game models for 3 or more players.• Development of proper payoff functions.• Wireless Networks

Limitations:• Ad hoc scheme that depends on the case and application itself.• An IDS’s ability to detect attacks plays an important role in security games modeling.• Agents aren’t fully rational.• How to assess and quantify network security? (“ We are doomed if we don’t apply more security”/ “no need to worry, everything is fine.”)

References:Paper:1- Game Theory for Network SecurityXiannuan Liang and Yang Xiao, Senior Member, IEEE 2013

2- Game Theory Meets Network Security and Privacy• Mohammad Hossein Manshaeiy, Isfahan University of Technology (IUT), Iran• Quanyan Zhu, University of Illinois at Urbana-Champaign (UIUC), USA• Tansu Alpcanz, University of Melbourne, Australia• Tamer Basar, University of Illinois at Urbana-Champaign (UIUC), USA• Jean-Pierre Hubaux, Ecole Polytechnique Federale de Lausanne (EPFL), Switzerland 2011

Links:For more on Game Theory and more game approaches:http://en.wikipedia.org/wiki/Game_theory

The International Conference on Game Theory for Networks:http://gamenets.org/2012/show/home

Thank you