Applying game theory to analyze attacks and defenses in virtual coordinate systems

Virtual coordinate systems provide an accurate and efficient service that allows hosts on the Internet to determine latency to arbitrary hosts based on information provided by a subset of participating nodes. Unfortunately, the accuracy of the service can be severely impacted by compromised nodes providing misleading information. We define and use a game theory framework in order to identify the best attack and defense strategies assuming that the attacker is aware of the defense mechanisms. Our approach leverages concepts derived from the Nash equilibrium to model more powerful adversaries. We consider attacks that target the latency estimation (inflation, deflation, oscillation) and defense mechanisms that combine outlier detection with control theory to deter adaptive adversaries. We apply the game theory framework to demonstrate the impact and efficiency of these attack and defense strategies using a well-known virtual coordinate system and real-life Internet data sets.
