Numerical Computation of Multi-goal Security Strategies

Security is often investigated in terms of a single goal (e.g., confidentiality), but in practical settings mostly a compound property comprising multiple and often interdependent aspects. Security strategies are behavior profiles that guarantee some performance regardless of how the adversary really behaves (provided that it stays within its action set). While security strategies towards a single goal are easy to compute via Nash-equilibria (or refinements thereof), playing safe towards multiple security goals induces the notion of Pareto-optimal security strategies. These were recently characterized via Nash-equilibria of multi-player games, for which solution algorithms are intricate and may fail for small instances already. Iterative techniques, however, exhibited good stability even for large games. In this work, we thus report on theoretical and practical results how security strategies for multiple (interdependent) goals can be computed via a set of simple transformations and a final application of humble fictitious play.

[1]  Alan R. Washburn A New Kind of Fictitious Play , 2001 .

[2]  Peter Schartner,et al.  A Unified Framework for the Analysis of Availability, Reliability and Security, With Applications to Quantum Networks , 2011, IEEE Transactions on Systems, Man, and Cybernetics, Part C (Applications and Reviews).

[3]  Akhil Sahai,et al.  A Game-theoretic Framework for Creating Optimal SLA/Contract , 2007 .

[4]  J. Robinson AN ITERATIVE METHOD OF SOLVING A GAME , 1951, Classics in Game Theory.

[5]  H. Raghav Rao,et al.  Security protection design for deception and real system regimes: A model and analysis , 2010, Eur. J. Oper. Res..

[6]  Faustino Acosta Ortega,et al.  Security Strategies and Equilibria in Multiobjective Matrix Games , 2005 .

[7]  K. J. Ray Liu,et al.  Game Theoretic Analysis of Cooperation Stimulation and Security in Autonomous Mobile Ad Hoc Networks , 2007, IEEE Transactions on Mobile Computing.

[8]  Tansu Alpcan,et al.  Network Security , 2010 .

[9]  Matthias Fitzi,et al.  Towards Optimal and Efficient Perfectly Secure Message Transmission , 2007, TCC.

[10]  Felix A. Fischer,et al.  On the Rate of Convergence of Fictitious Play , 2010, SAGT.

[11]  Yehuda Lindell,et al.  More Efficient Constant-Round Multi-Party Computation from BMR and SHE , 2016, IACR Cryptol. ePrint Arch..

[12]  Hu Hanping,et al.  Network security transmission based on bimatrix game theory , 2008, Wuhan University Journal of Natural Sciences.

[13]  Yongge Wang,et al.  Perfectly Secure Message Transmission Revisited , 2008, IEEE Trans. Inf. Theory.

[14]  Stefan Rass,et al.  On Game-Theoretic Network Security Provisioning , 2012, Journal of Network and Systems Management.

[15]  Mark Voorneveld,et al.  Pareto-Optimal Security Strategies as Minimax Strategies of a Standard Matrix Game , 1999 .

[16]  Debasish Ghose,et al.  Solution concepts in two-person multicriteria games , 1989 .

[17]  Debasish Ghose,et al.  A necessary and sufficient condition for Pareto-optimal security strategies in multicriteria matrix games , 1991 .

[18]  K. Srinathan,et al.  On perfectly secure communication over arbitrary networks , 2002, PODC '02.

[19]  Aner Sela Fictitious play in ‘one-against-all’ multi-player games , 1999 .

[20]  Andrew McLennan,et al.  Gambit: Software Tools for Game Theory , 2006 .

[21]  Mark Perry,et al.  A Framework for Automatic SLA Creation , 2008 .

[22]  Alexander Zelikovsky,et al.  Multiobjective Games and Determining Pareto-Nash Equilibria , 2005 .

[23]  Peter Schartner,et al.  Multipath Authentication without shared Secrets and with Applications in Quantum Networks , 2010, Security and Management.