Network Security Configurations: A Nonzero-Sum Stochastic Game Approach

In this paper, we study a network security configuration problem. More specifically, we consider distributed intrusion detection systems in a network subject to possible simultaneous attacks launched by a number of attackers. We formulate an (N + M)-person nonzero-sum stochastic game to capture the interactions among detection systems in the network as well as their interactions against exogenous intruders. We show the existence of a stationary Nash equilibrium of the game and give a value iteration method to attain an ε-Nash equilibrium. Mimicking the concept of Shannon's capacity in information theory, we propose the notion of security capacity, defined as the largest achievable payoff to an agent at an equilibrium, to yield performance limits on network security. Furthermore, we discuss a mathematical programming approach to characterize the equilibrium as well as the feasibility of a given security target.
