Date post: | 17-Dec-2015 |
Category: |
Documents |
Upload: | betty-maxwell |
View: | 214 times |
Download: | 1 times |
Using Game Theoretic Approach to Analyze Security
Issues In Ad Hoc NetworksTerm Presentation
Name: Li Xiaoqi, GigiSupervisor: Michael R. LyuDepartment: CSE, CUHKDate: 02/05/2006Time: 2:00-2:45pmLocation: HSB 121
2
OutlineOverview and relevant workMotivationGame theory Our Game and solutionConclusion and future work
3
Attacks On Wireless NetworksPassive:
Not disturb the routing protocolHard to detectE.g.:
EavesdroppingSelfish behavior
Refuse to forward packets of other nodes in order to Save own energy Economize own bandwidth ……
4
Attacks On Wireless NetworksActive:
Disrupt the routing protocolModification, e.g.:
Black holeGrey holeWormhole
FabricationE.g.: rushing attack
ImpersonationE.g.: alter MAC/IP address
5
Relevant WorkOn selfish behaviors
Currency-based mechanismForwarding packets is paid
Reputation-based mechanismUse reputation to incent nodes
Game theoretic based mechanismModel forwarding as a strategic gameResult in a Nash equilibrium with a metric,
e.g. best forwarding rateUtility function includes bandwidth, energy, etc.
6
Relevant WorkOn malicious attacks
For intrusion detection system (IDS) of MANET: use game theory to attempt to decrease false alarm rate
Less work on this issueAlmost none of them can effectively solve
malicious node collusion
7
MotivationGame theory is mostly employed as a
tool to analyze, formulate or solve selfishness issue.
It seldom applied to detect/prevent/deter malicious behavior.
8
Game Theory It is a branch of economics that deals
with strategic and rational behavior. It has applications in economics,
international relations, evolutionary biology, political science, military strategy, and so on.
It provides us with tools to study situations of conflict and cooperation.
9
Game TheoryGame theory can be divided from three
dimensionsNoncooperative and Cooperative Games
A player may be an individual (noncooperative) or a group of individuals (cooperative)
Strategic and Extensive Gamesalso called static and dynamic games
Games with Complete and Incomplete Information
Players’ moves or types are fully informed or imperfectly informed
10
Game theoryOur idea:
Security issues in ad hoc network also involve interactions among nodes.
So it is possible to use game theory for designing, formulating, and analyzing those interactions.
Then we may find some solutions to help detecting, preventing or detering malicious behaviors.
11
Possible FormulationsBasic signaling game:
Multi-stage, dynamic, and non-cooperative game with incomplete information
It has perfect Bayesian equilibrium (PBE)Cooperative game:
Analyze payoffs from individual point of view and social point of view respectively
Repeated game:Capture the idea of a player’s current
behavior and the other players’ future behavior.
12
Basic Signaling GameTwo players:
Player 1, the senderPlayer 2, the receiver
Player 1 has a type θ, and player 2 believes that the probability of 1 is θ is p(θ).
Player 1 observes information about his type θ, and chooses an action a1
Player 2 observes a1, chooses an action a2 from her action space.
13
Basic Signaling GamePlayer i’s payoff is denoted by ui(a1, a2,θ).Player 1’s strategy is a probability
distribution σ1(·|θ) over actions a1 for each type θ
Player 2’s strategy is a probability distribution σ2(·| a1) over actions a2 for each action a1
14
Basic Signaling GamePlayer 1’s payoff is:
Player 2’s payoff is
Player 2 updates her beliefs about θ, and bases her choice of action a2 on the posterior distribution μ(·|a1).
),,()()(),,( 21112211211
1 2
aauaaaua a
1 2
)),,()()()((),,( 21212211212a a
aauaaapu
15
Basic Signaling GameA perfect Bayesian equilibrium (PBE) of
a signaling game is a strategy profile σ* and posterior beliefs μ(·|a1) such that
);,();,(,: *211
*2
*111 uuP
);,();,(,: *2
*12
**2
*1212 uuaP
)()(
)()()(*:
1*1
1*1
1 ap
apaB
16
Some ConsiderationsWhat are the possible types of nodes?
{Malicious, Normal} {Armed, Unarmed} {Sensitive, Regular}
What are the possible actions a node may take? {Doubt, Trust} {Defend, Miss} {Cooperate, Not Cooperate}
17
Our Direction1. Establish an expressive, realistic, non-
trivial model of interactions between attacker(s) and target(s).
2. Try to solve the model and give a possible and reasonable Nash equilibrium.
3. Obtain some references about value choosing of a design factor.
4. Design a correspond application consistent with the strategies and beliefs in the above equilibrium.
18
Our Direction When establishing interaction model,
possible players are:1. One attacker and one target: 1 vs. 1
simple attack2. Two attackers and one target: 2 vs. 1
collusion attack3. One attacker and n targets: 1 vs. n
DIDS4. N attackers and one target: n vs. 1
DoS5. N attackers and n targets: n vs. n
DDoS
19
Our Direction When establishing interaction model,
possible players are:1. One attacker and one target: 1 vs. 1
normal attack2. Two attackers and one target: 2 vs. 1
collusion attack3. One attacker and n targets: 1 vs. n
DIDS4. N attackers and one target: n vs. 1
DoS5. N attackers and n targets: n vs. n
DDoS
20
Our GameMixed strategies of the stranger:
The stranger may have two types: {Malicious, Regular}. The probability of a stranger is malicious is ε.
If the stranger is malicious, his action space is {Attack, Normal}. The probability of he performs attacks is s.
If the stranger is regular, he will always behave normally.
21
Our GameMixed strategies of the target:
For the target node, she may perform two actions to the stranger: {Doubt, Trust}. The probability of she doubts is t.
When she doubts, she may ask for her neighbors’ help to get the trustworthiness of the stranger, or request the stranger to identify himself, or else.
22
Our Game Payoff formulation:
If the stranger is regular, and the target will get a amount of payoff if she trusts, where a>1.
If the stranger is malicious and he attacks successfully, he will cause a amount of harm to the target.
If the target doubts the stranger, she will cost 1. If the doubt is deserved, the target will get b amount
of feedback, where 0<b<1. If the trust is not worthy, the target will lose b
amount of payoff.
23
Our GamePayoff formulation:
If the stranger is malicious but he pretends to be normal,
in the current round, the target will cost more to doubt him than to trust him, but the doubt will induce the stranger to get payoff of -1.
in the long run game, the target may threat the stranger by doubting more frequently.
We regard the stranger as Player 1, masculine and the target as Player 2, feminine.
24
Our GameThe stranger knows his type assigned by
a virtual player “Nature”.The target doesn’t know the stranger’s
type, and is not sure what behavior the stranger has taken.
This is a two-player, extensive, non-cooperative game with incomplete information.
25
The Game Tree
Regular
NormalNormal
DoubtDoubtTrust
TrustTrust
Attack
Doubt
Malicious
Nature
ε 1-ε
s 1-s
t 1-t
(-a, a+b+1) (a, 0) (-1, a-b-1) (1, a-b) (0, a-1) (0, a)
x0
x1 x2
x3 x4 x5
x6 x7 x8 x9 x10 x11
22
1 1
26
Our Solution This model has no Nash equilibrium on pure
strategy. Consider strategy: (Attack, Doubt)
If player 1 is malicious and attacks, the best response of player 2 is to doubt.
But if player 2 doubts, the best response of player 1 is to behave normal
Consider strategy: (Normal, Trust) If player 1 behaves normal, the best response of player 2
is to trust (doubt is costly). But if player 2 trusts, the best response of player 1 is to
attack.
Both of these two reasonable strategy are not Nash equilibrium strategy.
Regular
NormalNormal
DoubtDoubtTrust
TrustTrust
Attack
Doubt
Malicious
Nature
ε 1-ε
s 1-s
t 1-t
(-a, a+b+1) (a, 0) (-1, a-b-1) (1, a-b) (0, a-1) (0, a)
x0
x1 x2
x3 x4 x5
x6 x7 x8 x9 x10 x11
22
1 1
27
Our Solution The model has Sequential Nash Equilibrium on
mixed strategy, that is the actions that the players take is a probability distribution on the action spaces.
The strategy profile is When σ is given, Pσ(x) denotes the probability
that node x is reached. h is information set containing more than one
node. E.g. h={x3, x4, x5} Belief μ(x) specifies the probability the player
assigns to x conditional on reaching h.
Regular
NormalNormal
DoubtDoubtTrust
TrustTrust
Attack
Doubt
Malicious
Nature
ε 1-ε
s 1-s
t 1-t
(-a, a+b+1) (a, 0) (-1, a-b-1) (1, a-b) (0, a-1) (0, a)
x0
x1 x2
x3 x4 x5
x6 x7 x8 x9 x10 x11
22
1 1
),( 21
28
Our SolutionThe probability distribution on information
set h is
The expected payoff of player 2 is:
Regular
NormalNormal
DoubtDoubtTrust
TrustTrust
Attack
Doubt
Malicious
Nature
ε 1-ε
s 1-s
t 1-t
(-a, a+b+1) (a, 0) (-1, a-b-1) (1, a-b) (0, a-1) (0, a)
x0
x1 x2
x3 x4 x5
x6 x7 x8 x9 x10 x11
22
1 1
1)(
)1()(
)(
5
4
3
x
sx
sx
)1()1()()3()(2 atbasbastabu
29
Our SolutionDifferential coefficient on s is
So we have the following conclusion:When , (1)>0. That is, if s is
increased, the payoff of player 2 will increase.
When , (1)<0. That is, if s is decreased, the payoff of player 2 will increase.
Regular
NormalNormal
DoubtDoubtTrust
TrustTrust
Attack
Doubt
Malicious
Nature
ε 1-ε
s 1-s
t 1-t
(-a, a+b+1) (a, 0) (-1, a-b-1) (1, a-b) (0, a-1) (0, a)
x0
x1 x2
x3 x4 x5
x6 x7 x8 x9 x10 x11
22
1 1
)1()()3(2 batabs
u
ba
bat
3
ba
bat
3
30
Our SolutionFrom the above solution, we get a
threshold value that can be applied to the design of our corresponding secure routing protocol.
In our previous secure routing protocol, if node’s opinion about another node exceeds a threshold, it will exchange opinions with its neighbors to get a more object trustworthiness value.
Regular
NormalNormal
DoubtDoubtTrust
TrustTrust
Attack
Doubt
Malicious
Nature
ε 1-ε
s 1-s
t 1-t
(-a, a+b+1) (a, 0) (-1, a-b-1) (1, a-b) (0, a-1) (0, a)
x0
x1 x2
x3 x4 x5
x6 x7 x8 x9 x10 x11
22
1 1
31
Conclusion and Future WorkWe give a game theoretic model of
stranger-target interactions.We find out a solution of the model and
get a helpful threshold value which can be applied to the design of secure routing protocol.
We will extend our model from several aspects: long-run game, and 2 vs. 1 collusion attacks.
Try to find out other conclusions which will be helpful to secure protocol design.
32
Q & A
Thank You!