论文信息 - A Game-Theoretic Framework for Network Security Vulnerability Assessment and Mitigation

A Game-Theoretic Framework for Network Security Vulnerability Assessment and Mitigation

In this paper we propose and discuss a game-theoretic framework for (a) evaluating security vulnerability, (b) quantifying the corresponding Pareto optimal vulnerability/cost tradeoff, and (c) identifying the optimal operating point on this Pareto optimal frontier. We discuss our framework in the context of a flow-level model of Supply-Demand (S-D) network where we assume a sophisticated attacker attempting to disrupt the network flow. The vulnerability metric is determined by the Nash equilibrium payoff of the corresponding game. The vulnerability/cost tradeoff is derived by assuming that “the network” can reduce the security vulnerability at the cost of using more expensive flows and the optimal operating point is determined by “the network” preferences with respect to vulnerability and cost. We illustrate the proposed framework on examples through numerical investigations.

Vladimir Marbukh | Assane Gueye

[1] Lawrence A. Gordon,et al. The economics of information security investment , 2002, TSEC.

[2] Assane Gueye,et al. A Game Theoretical Approach to Communication Security , 2011 .

[3] John S. Baras,et al. Decision and Game Theory for Security , 2010, Lecture Notes in Computer Science.

[4] Lawrence A. Gordon,et al. The economics of information security investment , 2002, TSEC.

[5] Levente Buttyán,et al. Game-theoretic Robustness of Many-to-one Networks , 2012, GAMENETS.

[6] Jean C. Walrand,et al. Design of Network Topology in an Adversarial Environment , 2010, GameSec.

[7] D. R. Fulkerson,et al. Blocking Pairs of Polyhedra Arising from Network Flows , 1975 .

[8] Tyler Moore,et al. Measuring the Cost of Cybercrime , 2012, WEIS.

[9] Kamalakar Karlapalem,et al. Cost Tradeoffs for Information Security Assurance , 2005, WEIS.

[10] Karen A. Scarfone,et al. A Complete Guide to the Common Vulnerability Scoring System Version 2.0 | NIST , 2007 .

[11] Jean C. Walrand,et al. Towards a Metric for Communication Network Vulnerability to Attacks: A Game Theoretic Approach , 2012, GAMENETS.

[12] Laurence A. Wolsey,et al. Integer and Combinatorial Optimization , 1988 .

[13] A. McNeil. Extreme Value Theory for Risk Managers , 1999 .