Game Theory for Network Security

As networks become ubiquitous in people's lives, users depend on networks a lot for sufficient communication and convenient information access. However, networks suffer from security issues. Network security becomes a challenging topic since numerous new network attacks have appeared increasingly sophisticated and caused vast loss to network resources. Game theoretic approaches have been introduced as a useful tool to handle those tricky network attacks. In this paper, we review the existing game-theory based solutions for network security problems, classifying their application scenarios under two categories, attack-defense analysis and security measurement. Moreover, we present a brief view of the game models in those solutions and summarize them into two categories, cooperative game models and non-cooperative game models with the latter category consisting of subcategories. In addition to the introduction to the state of the art, we discuss the limitations of those game theoretic approaches and propose future research directions.

[1]  Chuanyi Ji,et al.  Modeling and defending against internet worm attacks , 2007 .

[2]  Salim Hariri,et al.  Game Theory Based Network Security , 2010, J. Information Security.

[3]  Shahram Latifi,et al.  Partial iris and recognition as a viable biometric scheme , 2011, Int. J. Secur. Networks.

[4]  Svein J. Knapskog,et al.  Towards a stochastic model for integrated security and dependability evaluation , 2006, First International Conference on Availability, Reliability and Security (ARES'06).

[5]  R. Gibbons Game theory for applied economists , 1992 .

[6]  Tansu Alpcan,et al.  Stochastic games for security in networks with interdependent nodes , 2009, 2009 International Conference on Game Theory for Networks.

[7]  Carl E. Landwehr,et al.  Basic concepts and taxonomy of dependable and secure computing , 2004, IEEE Transactions on Dependable and Secure Computing.

[8]  K. P. Subbalakshmi,et al.  KL-sense secure image steganography , 2011, Int. J. Secur. Networks.

[9]  Jingyuan Zhang,et al.  Hidden information in Microsoft Word , 2011, Int. J. Secur. Networks.

[10]  John A. Buzacott Markov Approach to Finding Failure Times of Repairable Systems , 1970 .

[11]  Moustafa Youssef,et al.  A source authentication scheme using network coding , 2011, Int. J. Secur. Networks.

[12]  Hrishikesh B. Acharya,et al.  Is That You? Authentication in a Network without Identities , 2011, 2011 IEEE Global Telecommunications Conference - GLOBECOM 2011.

[13]  Ariel Rubinstein,et al.  A Course in Game Theory , 1995 .

[14]  Christos H. Papadimitriou,et al.  Worst-case Equilibria , 1999, STACS.

[15]  Abdelrahman Desoky,et al.  Edustega: an Education-Centric Steganography methodology , 2011, Int. J. Secur. Networks.

[16]  Tansu Alpcan,et al.  Coalitional Game Theory for Security Risk Management , 2010, 2010 Fifth International Conference on Internet Monitoring and Protection.

[17]  M. Dufwenberg Game theory. , 2011, Wiley interdisciplinary reviews. Cognitive science.

[18]  L. Shapley,et al.  Stochastic Games* , 1953, Proceedings of the National Academy of Sciences.

[19]  Guoliang Xue,et al.  Authenticating strangers in Online Social Networks , 2011, Int. J. Secur. Networks.

[20]  Yang Xiao,et al.  Change-Point Monitoring for Secure In-Network Aggregation in Wireless Sensor Networks , 2007, IEEE GLOBECOM 2007 - IEEE Global Telecommunications Conference.

[21]  Lawrence Carin,et al.  Cybersecurity Strategies: The QuERIES Methodology , 2008, Computer.

[22]  Nicolas Christin,et al.  Secure or insure?: a game-theoretic analysis of information security games , 2008, WWW.

[23]  Tansu Alpcan,et al.  Security Games with Incomplete Information , 2009, 2009 IEEE International Conference on Communications.

[24]  Yang Xiao,et al.  Intrusion Detection in Cellular Mobile Networks , 2007 .

[25]  T. Basar,et al.  Intrusion Response as a Resource Allocation Problem , 2006, Proceedings of the 45th IEEE Conference on Decision and Control.

[26]  Mehran S. Fallah A Puzzle-Based Defense Strategy Against Flooding Attacks Using Game Theory , 2010, IEEE Transactions on Dependable and Secure Computing.

[27]  Hongsheng Xi,et al.  A Markov Game Theory-Based Risk Assessment Model for Network Information System , 2008, 2008 International Conference on Computer Science and Software Engineering.

[28]  Yang Xiao,et al.  Detection of Fraudulent Usage in Wireless Networks , 2007, IEEE Transactions on Vehicular Technology.

[29]  Jorma Jormakka,et al.  Modelling Information Warfare as a Game , 2005 .

[30]  A. Patcha,et al.  A game theoretic approach to modeling intrusion detection in mobile ad hoc networks , 2004, Proceedings from the Fifth Annual IEEE SMC Information Assurance Workshop, 2004..

[31]  Svein J. Knapskog,et al.  Using Stochastic Game Theory to Compute the Expected Behavior of Attackers , 2005, 2005 Symposium on Applications and the Internet Workshops (SAINT 2005 Workshops).

[32]  Nicolas Christin,et al.  When Information Improves Information Security , 2010, Financial Cryptography.

[33]  Xiaohui Liang,et al.  ESPAC: Enabling Security and Patient-centric Access Control for eHealth in cloud computing , 2011, Int. J. Secur. Networks.

[34]  Lin Chen,et al.  A Game Theoretical Framework on Intrusion Detection in Heterogeneous Networks , 2009, IEEE Transactions on Information Forensics and Security.

[35]  Tansu Alpcan,et al.  Security Risk Management via Dynamic Games with Learning , 2011, 2011 IEEE International Conference on Communications (ICC).

[36]  Samuel N. Hamilton,et al.  The Role of Game Theory in Information Warfare , 2002 .

[37]  T. Basar,et al.  A game theoretic analysis of intrusion detection in access control systems , 2004, 2004 43rd IEEE Conference on Decision and Control (CDC) (IEEE Cat. No.04CH37601).

[38]  Guang Gong,et al.  On the (in)security of two Joint Encryption and Error Correction schemes , 2011, Int. J. Secur. Networks.

[39]  Siu-Ming Yiu,et al.  Exclusion-intersection encryption , 2011, 2011 IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS).

[40]  Matthew N. O. Sadiku,et al.  An intrusion detection technique based on continuous binary communication channels , 2011, Int. J. Secur. Networks.

[41]  Victor C. M. Leung,et al.  Enhancing security using mobility-based anomaly detection in cellular mobile networks , 2004, IEEE Transactions on Vehicular Technology.

[42]  Shanell Shanay Frazer Analyzing Security Incidents Reported by The United States Computer Emergency Readiness Team , 2015 .

[43]  Radha Poovendran,et al.  Optimal Jamming Attacks and Network Defense Policies in Wireless Sensor Networks , 2007, IEEE INFOCOM 2007 - 26th IEEE International Conference on Computer Communications.

[44]  Yang Xiao,et al.  Integration of mobility and intrusion detection for wireless ad hoc networks , 2007, Int. J. Commun. Syst..

[45]  Yang Xiao,et al.  Bio-inspired true coalition formation on intrusion detection by mobile robots , 2009, 2009 5th International Conference on Collaborative Computing: Networking, Applications and Worksharing.

[46]  J. Filar,et al.  Competitive Markov Decision Processes , 1996 .

[47]  Peng Liu,et al.  Incentive-based modeling and inference of attacker intent, objectives, and strategies , 2003, CCS '03.

[48]  Yang Xiao,et al.  NIS08-2: Enhancing Security using Calling Activity for Wireless Networks , 2006, IEEE Globecom 2006.

[49]  Anthony Ephremides,et al.  Jamming games in wireless networks with incomplete information , 2011, IEEE Communications Magazine.

[50]  Jeff S. Shamma,et al.  Dynamic fictitious play, dynamic gradient play, and distributed convergence to Nash equilibria , 2005, IEEE Transactions on Automatic Control.

[51]  Cristina Comaniciu,et al.  A Bayesian game approach for intrusion detection in wireless ad hoc networks , 2006, GameNets '06.

[52]  Neeraj Jaggi,et al.  A three dimensional sender anonymity metric , 2011, Int. J. Secur. Networks.

[53]  Jean C. Walrand,et al.  How Bad Are Selfish Investments in Network Security? , 2011, IEEE/ACM Transactions on Networking.

[54]  Zhang Shiyong,et al.  A kind of network security behavior model based on game theory , 2003, Proceedings of the Fourth International Conference on Parallel and Distributed Computing, Applications and Technologies.

[55]  Harvey J. Greenberg,et al.  How to Analyze the Results of Linear Programs-Part 3: Infeasibility Diagnosis , 1993 .

[56]  Jie Wu,et al.  Friendship-based location privacy in Mobile Social Networks , 2011, Int. J. Secur. Networks.

[57]  Jeannette M. Wing,et al.  Game strategies in network security , 2005, International Journal of Information Security.

[58]  Prasant Mohapatra,et al.  Rendezvous based trust propagation to enhance distributed network security , 2011, 2011 IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS).

[59]  Yang Xiao,et al.  Studying Bio-Inspired Coalition Formation of Robots for Detecting Intrusions Using Game Theory , 2010, IEEE Transactions on Systems, Man, and Cybernetics, Part B (Cybernetics).

[60]  A. N. Zincir-Heywood,et al.  Intrusion Detection Systems , 2008 .

[61]  T. Başar,et al.  An Intrusion Detection Game with Limited Observations , 2005 .

[62]  Chase Qishi Wu,et al.  A Survey of Game Theory as Applied to Network Security , 2010, 2010 43rd Hawaii International Conference on System Sciences.

[63]  Svein J. Knapskog,et al.  On Stochastic Modeling for Integrated Security and Dependability Evaluation , 2006, J. Networks.

[64]  ChenLin,et al.  A game theoretical framework on intrusion detection in heterogeneous networks , 2009 .

[65]  Eugene H. Spafford,et al.  Using internal sensors for computer intrusion detection , 2001 .

[66]  J. Vihar A Survey of Cyber Crimes , 2015 .

[67]  Shensheng Tang,et al.  An epidemic model with adaptive virus spread control for Wireless Sensor Networks , 2011, Int. J. Secur. Networks.

[68]  Yang Xiao,et al.  Outlier detection based fault tolerant data aggregation for wireless sensor networks , 2011, 2011 5th International Conference on Application of Information and Communication Technologies (AICT).

[69]  Yang Xiao,et al.  Intrusion detection techniques in mobile ad hoc and wireless sensor networks , 2007, IEEE Wireless Communications.

[70]  Yang Xiao,et al.  Integration of Secure In-Network Aggregation and System Monitoring for Wireless Sensor Networks , 2007, 2007 IEEE International Conference on Communications.

[71]  Ji Yi,et al.  A Game Theoretical Attack-Defense Model Oriented to Network Security Risk Assessment , 2008, 2008 International Conference on Computer Science and Software Engineering.

[72]  Svein J. Knapskog,et al.  A Framework for Predicting Security and Dependability Measures in Real-time , 2007 .

[73]  Ying Liang,et al.  Stochastic Game Theoretic Method of Quantification for Network Situational Awareness , 2008, 2008 International Conference on Internet Computing in Science and Engineering.

[74]  Victor C. M. Leung,et al.  Improved IP Multimedia Subsystem Authentication mechanism for 3G-WLAN networks , 2011, 2011 IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS).