Game theory for cyber security

While there are significant advances in information technology and infrastructure which offer new opportunities, cyberspace is still far from completely secured. In many cases, the employed security solutions are ad hoc and lack a quantitative decision framework. While they are effective in solving the particular problems they are designed for, they generally fail to respond well in a dynamically changing scenario. To this end, we propose a holistic security approach in this paper. We find that game theory provides huge potential to place such an approach on a solid analytical setting. We consider the interaction between the attacks and the defense mechanisms as a game played between the attacker and the defender (system administrator). In particular, we propose a game theory inspired defense architecture in which a game model acts as the brain. We focus on one of our recently proposed game models, namely imperfect information stochastic game. Although this game model seems to be promising, it also faces new challenges which warrant future attention. We discuss our current ideas on extending this model to address such challenges.

[1]  P. Schönemann On artificial intelligence , 1985, Behavioral and Brain Sciences.

[2]  Michael L. Littman,et al.  Markov Games as a Framework for Multi-Agent Reinforcement Learning , 1994, ICML.

[3]  J. Filar,et al.  Competitive Markov Decision Processes , 1996 .

[4]  Mikhail J. Atallah,et al.  Protecting Software Code by Guards , 2001, Digital Rights Management Workshop.

[5]  Michael P. Wellman,et al.  Nash Q-Learning for General-Sum Stochastic Games , 2003, J. Mach. Learn. Res..

[6]  Jeannette M. Wing,et al.  Game strategies in network security , 2005, International Journal of Information Security.

[7]  Shlomo Zilberstein,et al.  Dynamic Programming for Partially Observable Stochastic Games , 2004, AAAI.

[8]  Michael Kearns,et al.  Near-Optimal Reinforcement Learning in Polynomial Time , 2002, Machine Learning.

[9]  T. Başar,et al.  An Intrusion Detection Game with Limited Observations , 2005 .

[10]  Miguel Castro,et al.  Securing software by enforcing data-flow integrity , 2006, OSDI '06.

[11]  Yoav Shoham,et al.  If multi-agent learning is the answer, what is the question? , 2007, Artif. Intell..

[12]  Anthony Ephremides,et al.  MAC games for distributed wireless network security with incomplete information of selfish and malicious user types , 2009, 2009 International Conference on Game Theory for Networks.

[13]  Tuomas Sandholm,et al.  Computing Equilibria in Multiplayer Stochastic Games of Imperfect Information , 2009, IJCAI.

[14]  Chase Qishi Wu,et al.  A Survey of Game Theory as Applied to Network Security , 2010, 2010 43rd Hawaii International Conference on System Sciences.

[15]  Chase Qishi Wu,et al.  On modeling and simulation of game theory-based defense mechanisms against DoS and DDoS attacks , 2010, SpringSim.