论文信息 - The Power of the Defender

The Power of the Defender

We consider a security problem on a distributed network. We assume a network whose nodes are vulnerable to infection by threats (e.g. viruses), the attackers. A system security software, the defender, is available in the system. However, due to the network’s size, economic and performance reasons, it is capable to provide safety, i.e. clean nodes from the possible presence of attackers, only to a limited part of it. The objective of the defender is to place itself in such a way as to maximize the number of attackers caught, while each attacker aims not to be caught. In [7], a basic case of this problem was modeled as a non-cooperative game, called the Edge model. There, the defender could protect a single link of the network. Here, we consider a more general case of the problem where the defender is able to scan and protect a set of k links of the network, which we call the Tuple model. It is natural to expect that this increased power of the defender should result in a better quality of protection for the network. Ideally, this would be achieved at little expense on the existence and complexity of Nash equilibria (profiles where no entity can improve its local objective unilaterally by switching placements on the network). In this paper we study pure and mixed Nash equilibria in the model. In particular, we propose algorithms for computing such equilibria in polynomial time and we provide a polynomial-time transformation of a special class of Nash equilibria, called matching equilibria, between the Edge model and the Tuple model, and vice versa. Finally, we establish that the increased power of the defender results in higher-quality protection of the network.

[1] William Cheswick,et al. Firewalls and Internet Security , 1994 .

[2] Noga Alon,et al. A Graph-Theoretic Game and Its Application to the k-Server Problem , 1995, SIAM J. Comput..

[3] Paul G. Spirakis,et al. A graph-theoretic network security game , 2005, Int. J. Auton. Adapt. Commun. Syst..

[4] Ariel Rubinstein,et al. A Course in Game Theory , 1995 .

[5] William Stallings,et al. Cryptography and Network Security: Principles and Practice , 1998 .

[6] Luis E. Ortiz,et al. Algorithms for Interdependent Security Games , 2003, NIPS.

[7] Paul G. Spirakis,et al. Network Game with Attacker and Protector Entities , 2005, ISAAC.

[8] Eric van Damme,et al. Non-Cooperative Games , 2000 .

[9] Kathryn Fraughnaugh,et al. Introduction to graph theory , 1973, Mathematical Gazette.

[10] James Aspnes,et al. Inoculation strategies for victims of viruses and the sum-of-squares partition problem , 2005, SODA '05.

[11] J. Nash. Equilibrium Points in N-Person Games. , 1950, Proceedings of the National Academy of Sciences of the United States of America.