A Survey of Game Theory as Applied to Network Security

Network security is a complex and challenging problem. The area of network defense mechanism design is receiving immense attention from the research community for more than two decades. However, the network security problem is far from completely solved. Researchers have been exploring the applicability of game theoretic approaches to address the network security issues and some of these approaches look promising. This paper surveys the existing game theoretic solutions which are designed to enhance network security and presents a taxonomy for classifying the proposed solutions. This taxonomy should provide the reader with a better understanding of game theoretic solutions to a variety of cyber security problems.

[1]  Zhang Shiyong,et al.  A kind of network security behavior model based on game theory , 2003, Proceedings of the Fourth International Conference on Parallel and Distributed Computing, Applications and Technologies.

[2]  N. Bambos,et al.  Security investment games of interdependent organizations , 2008, 2008 46th Annual Allerton Conference on Communication, Control, and Computing.

[3]  Tansu Alpcan,et al.  Nash equilibrium design and optimization , 2009, 2009 International Conference on Game Theory for Networks.

[4]  Jeannette M. Wing,et al.  Game strategies in network security , 2005, International Journal of Information Security.

[5]  Michael L. Littman,et al.  Markov Games as a Framework for Multi-Agent Reinforcement Learning , 1994, ICML.

[6]  Ariel Rubinstein,et al.  A Course in Game Theory , 1995 .

[7]  Stefan Savage,et al.  Inside the Slammer Worm , 2003, IEEE Secur. Priv..

[8]  Chuanyi Ji,et al.  Modeling and defending against internet worm attacks , 2007 .

[9]  Peng Liu,et al.  Incentive-based modeling and inference of attacker intent, objectives, and strategies , 2003, CCS '03.

[10]  George W. Bush,et al.  National Strategy to Secure Cyberspace , 2003 .

[11]  G. Manimaran,et al.  Internet infrastructure security: a taxonomy , 2002, IEEE Netw..

[12]  T. Başar,et al.  An Intrusion Detection Game with Limited Observations , 2005 .

[13]  Samuel N. Hamilton,et al.  The Role of Game Theory in Information Warfare , 2002 .

[14]  Jorma Jormakka,et al.  Modelling Information Warfare as a Game , 2005 .

[15]  Maria Kjaerland,et al.  A taxonomy and comparison of computer security incidents from the commercial and government sectors , 2006, Comput. Secur..

[16]  T. Basar,et al.  A game theoretic analysis of intrusion detection in access control systems , 2004, 2004 43rd IEEE Conference on Decision and Control (CDC) (IEEE Cat. No.04CH37601).

[17]  A. Patcha,et al.  A game theoretic approach to modeling intrusion detection in mobile ad hoc networks , 2004, Proceedings from the Fifth Annual IEEE SMC Information Assurance Workshop, 2004..

[18]  Scott A. Rotondo Trusted Computing Group , 2011, Encyclopedia of Cryptography and Security.

[19]  Jean Goubault-Larrecq,et al.  A Logical Framework for Evaluating Network Resilience Against Faults and Attacks , 2007, ASIAN.

[20]  Wei Sun,et al.  Information Security Investment Game with Penalty Parameter , 2008, 2008 3rd International Conference on Innovative Computing Information and Control.

[21]  Tansu Alpcan,et al.  Stochastic games for security in networks with interdependent nodes , 2009, 2009 International Conference on Game Theory for Networks.

[22]  Lawrence Carin,et al.  Quantitative Evaluation of Risk for Investment Ecient Strategies in Cybersecurity: The QuERIES Methodology , 2007 .

[23]  Wei Sun,et al.  Information Security Problem Research Based on Game Theory , 2008, 2008 International Symposium on Electronic Commerce and Security.

[24]  Peter Reiher,et al.  A taxonomy of DDoS attack and DDoS defense mechanisms , 2004, CCRV.

[25]  T. Basar,et al.  Intrusion Response as a Resource Allocation Problem , 2006, Proceedings of the 45th IEEE Conference on Decision and Control.

[26]  Ray Hunt,et al.  A taxonomy of network and computer attacks , 2005, Comput. Secur..

[27]  Tansu Alpcan,et al.  Security Games with Incomplete Information , 2009, 2009 IEEE International Conference on Communications.

[28]  Matthew C. Elder,et al.  Recent worms: a survey and trends , 2003, WORM '03.

[29]  Samuel N. Hamilton,et al.  Challenges in Applying Game Theory to the Domain of Information Warfare , 2001 .

[30]  Dimitri P. Bertsekas,et al.  Dynamic Programming and Optimal Control, Two Volume Set , 1995 .

[31]  Edward D. Lazowska,et al.  Cyber Security: A Crisis of Prioritization , 2005 .

[32]  Cristina Comaniciu,et al.  A Bayesian game approach for intrusion detection in wireless ad hoc networks , 2006, GameNets '06.

[33]  HuntRay,et al.  A taxonomy of network and computer attacks , 2005 .

[34]  Hongsheng Xi,et al.  A Markov Game Theory-Based Risk Assessment Model for Network Information System , 2008, 2008 International Conference on Computer Science and Software Engineering.