Network Security

Covering attack detection, malware response, algorithm and mechanism design, privacy, and risk management, this comprehensive work applies unique quantitative models derived from decision, control, and game theories to understanding diverse network security problems. It provides the reader with a system-level theoretical understanding of network security, and is essential reading for researchers interested in a quantitative approach to key incentive and resource allocation issues in the field. It also provides practitioners with an analytical foundation that is useful for formalising decision-making processes in network security.

[1]  Michael Bloem,et al.  Malware Filtering for Network Security Using Weighted Optimality Measures , 2007, 2007 IEEE International Conference on Control Applications.

[2]  Eitan Altman,et al.  CDMA Uplink Power Control as a Noncooperative Game , 2002, Wirel. Networks.

[3]  Thomas M. Chen,et al.  Effectiveness of Quarantine in Worm Epidemics , 2006, 2006 IEEE International Conference on Communications.

[4]  T. Lai SEQUENTIAL ANALYSIS: SOME CLASSICAL PROBLEMS AND NEW CHALLENGES , 2001 .

[5]  Lykomidis Mastroleon Scalable resource control in large-scale computing/networking infrastructures , 2009 .

[6]  Tansu Alpcan,et al.  Distributed hypothesis testing with a fusion center: The conditionally dependent case , 2008, 2008 47th IEEE Conference on Decision and Control.

[7]  Tansu Alpcan,et al.  A game theoretic model for digital identity and trust in online communities , 2010, ASIACCS '10.

[8]  Tansu Alpcan,et al.  Power Control for Multicell CDMA Wireless Networks: A Team Optimization Approach , 2005, WiOpt.

[9]  Cem U. Saraydar,et al.  Pricing and power control in a multicell wireless data network , 2001, IEEE J. Sel. Areas Commun..

[10]  Audun Jøsang,et al.  A survey of trust and reputation systems for online service provision , 2007, Decis. Support Syst..

[11]  Guido van Rossum,et al.  An Introduction to Python , 2003 .

[12]  Jens Zander,et al.  Jamming games in slotted Aloha packet radio networks , 1990, IEEE Conference on Military Communications.

[13]  David C. Parkes,et al.  On non-cooperative location privacy: a game-theoretic analysis , 2009, CCS.

[14]  John N. Tsitsiklis,et al.  Parallel and distributed computation , 1989 .

[15]  István Maros A General Pricing Scheme for the Simplex Method , 2003, Ann. Oper. Res..

[16]  Donald F. Towsley,et al.  Locating network monitors: complexity, heuristics, and coverage , 2005, INFOCOM.

[17]  Jeff S. Shamma,et al.  Unified convergence proofs of continuous-time fictitious play , 2004, IEEE Transactions on Automatic Control.

[18]  Katya Scheinberg,et al.  An Efficient Implementation of an Active Set Method for SVMs , 2006, J. Mach. Learn. Res..

[19]  Zhu Han,et al.  Coalitional game theory for communication networks , 2009, IEEE Signal Processing Magazine.

[20]  N. Bambos,et al.  Security investment games of interdependent organizations , 2008, 2008 46th Annual Allerton Conference on Communication, Control, and Computing.

[21]  John N. Tsitsiklis,et al.  Extremal properties of likelihood-ratio quantizers , 1993, IEEE Trans. Commun..

[22]  Panagiotis Papadimitratos,et al.  Secure vehicular communication systems: implementation, performance, and research challenges , 2008, IEEE Communications Magazine.

[23]  P. D. Groom,et al.  The IT security model , 2003 .

[24]  Christian Bauckhage,et al.  A discrete-time parallel update algorithm for distributed learning , 2008, 2008 19th International Conference on Pattern Recognition.

[25]  Eric van Damme,et al.  Non-Cooperative Games , 2000 .

[26]  Tansu Alpcan,et al.  Distributed Algorithms for Nash Equilibria of Flow Control Games , 2005 .

[27]  Michael Bloem,et al.  An optimal control approach to malware filtering , 2007, 2007 46th IEEE Conference on Decision and Control.

[28]  Nancy R. Mead,et al.  Survivable Network Systems: An Emerging Discipline , 1997 .

[29]  Joseph Y. Halpern,et al.  Iterated Regret Minimization: A More Realistic Solution Concept , 2008, ArXiv.

[30]  Tansu Alpcan,et al.  Nash equilibrium design and optimization , 2009, 2009 International Conference on Game Theory for Networks.

[31]  M. L. Chambers The Mathematical Theory of Optimal Processes , 1965 .

[32]  John S. Baras,et al.  Malicious Users in Unstructured Networks , 2007, IEEE INFOCOM 2007 - 26th IEEE International Conference on Computer Communications.

[33]  Lorrie Faith Cranor,et al.  Security and Usability: Designing Secure Systems that People Can Use , 2005 .

[34]  Petteri Nurmi,et al.  A Bayesian framework for online reputation systems , 2006, Advanced Int'l Conference on Telecommunications and Int'l Conference on Internet and Web Applications and Services (AICT-ICIW'06).

[35]  Anthony Ephremides,et al.  A Game-Theoretic Analysis of Denial of Service Attacks in Wireless Random Access , 2007, WiOpt.

[36]  Andrew P. Moore,et al.  Foundations for Survivable Systems Engineering , 2002 .

[37]  Amy Nicole Langville,et al.  A Survey of Eigenvector Methods for Web Information Retrieval , 2005, SIAM Rev..

[38]  Shivani Agarwal,et al.  Ranking on graph data , 2006, ICML.

[39]  John S. Baras,et al.  A framework for MAC protocol misbehavior detection in wireless networks , 2005, WiSe '05.

[40]  Tamer Basar,et al.  The detection of RCS worm epidemics , 2005, WORM '05.

[41]  Jean-Yves Le Boudec,et al.  A test-bed for misbehavior detection in mobile ad-hoc networks - how much can watchdogs really do? , 2004, Sixth IEEE Workshop on Mobile Computing Systems and Applications.

[42]  Tamer Basar,et al.  Distributed algorithms for the computation of noncooperative equilibria , 1987, Autom..

[43]  Sven Leyffer,et al.  The Return of the Active Set Method , 2005 .

[44]  Michail G. Lagoudakis,et al.  Value Function Approximation in Zero-Sum Markov Games , 2002, UAI.

[45]  P. Resnick,et al.  The value of reputation on eBay: A controlled experiment , 2006 .

[46]  Frank Stajano,et al.  Mix zones: user privacy in location-aware services , 2004, IEEE Annual Conference on Pervasive Computing and Communications Workshops, 2004. Proceedings of the Second.

[47]  Tansu Alpcan,et al.  Dynamic Control and Mitigation of Interdependent IT Security Risks , 2010, 2010 IEEE International Conference on Communications.

[48]  H. Vincent Poor,et al.  An introduction to signal detection and estimation (2nd ed.) , 1994 .

[49]  Benjamin Johnson,et al.  Uncertainty in the weakest-link security game , 2009, 2009 International Conference on Game Theory for Networks.

[50]  Sachin Agarwal,et al.  A stackelberg game for pricing uplink power in wide-band cognitive radio networks , 2008, 2008 47th IEEE Conference on Decision and Control.

[51]  Donald F. Towsley,et al.  On neighbor discovery in wireless networks with directional antennas , 2005, Proceedings IEEE 24th Annual Joint Conference of the IEEE Computer and Communications Societies..

[52]  Tansu Alpcan,et al.  A Game Theoretic Recommendation System for Security Alert Dissemination , 2009, 2009 International Conference on Network and Service Security.

[53]  T. Basar,et al.  H∞-0ptimal Control and Related Minimax Design Problems: A Dynamic Game Approach , 1996, IEEE Trans. Autom. Control..

[54]  Kaoru Sezaki,et al.  Enhancing wireless location privacy using silent period , 2005, IEEE Wireless Communications and Networking Conference, 2005.

[55]  Rick S. Blum,et al.  The good, bad and ugly: distributed detection of a known signal in dependent Gaussian noise , 2000, IEEE Trans. Signal Process..

[56]  Yoav Shoham,et al.  Essentials of Game Theory: A Concise Multidisciplinary Introduction , 2008, Essentials of Game Theory: A Concise Multidisciplinary Introduction.

[57]  Pramod K. Varshney,et al.  Distributed Bayesian signal detection , 1989, IEEE Trans. Inf. Theory.

[58]  Jeff S. Shamma,et al.  Dynamic fictitious play, dynamic gradient play, and distributed convergence to Nash equilibria , 2005, IEEE Transactions on Automatic Control.

[59]  Christophe Diot,et al.  Reformulating the Monitor Placement Problem: Optimal Network-Wide Sampling , 2006 .

[60]  T. Basar,et al.  A game theoretic analysis of intrusion detection in access control systems , 2004, 2004 43rd IEEE Conference on Decision and Control (CDC) (IEEE Cat. No.04CH37601).

[61]  Christian Bauckhage Image Tagging Using PageRank over Bipartite Graphs , 2008, DAGM-Symposium.

[62]  Firooz Sadjadi Hypotheses Testing in a Distributed Environment , 1986, IEEE Transactions on Aerospace and Electronic Systems.

[63]  Jean C. Walrand,et al.  Game Theory in Communication Systems [Guest Editorial] , 2008, IEEE Journal on Selected Areas in Communications.

[64]  Srdjan Capkun,et al.  Jamming-resistant Key Establishment using Uncoordinated Frequency Hopping , 2008, 2008 IEEE Symposium on Security and Privacy (sp 2008).

[65]  Tansu Alpcan,et al.  Modeling dependencies in security risk management , 2009, 2009 Fourth International Conference on Risks and Security of Internet and Systems (CRiSIS 2009).

[66]  Cristina Comaniciu,et al.  A Bayesian game approach for intrusion detection in wireless ad hoc networks , 2006, GameNets '06.

[67]  Jean-Yves Le Boudec,et al.  On the Age of Pseudonyms in Mobile Ad Hoc Networks , 2010, 2010 Proceedings IEEE INFOCOM.

[68]  T. Başar,et al.  Asymptotically optimal quantization for detection in power constrained decentralized sensor networks , 2006, 2006 American Control Conference.

[69]  Christopher M. Bishop,et al.  Pattern Recognition and Machine Learning (Information Science and Statistics) , 2006 .

[70]  Katsuhiko Ogata,et al.  Modern Control Engineering , 1970 .

[71]  Lin Chen,et al.  On Selfish and Malicious Behaviors in Wireless Networks - a Non-cooperative Game Theoretic Approach. (Sur les Comportements Égoïstes et Malveillants dans les Réseaux sans Fil - une Approche base sur la Théorie des Jeux Non-coopératifs) , 2008 .

[72]  Drew Fudenberg,et al.  When is Reputation Bad? , 2002, Games Econ. Behav..

[73]  T. Başar,et al.  Distributed computation of Nash equilibria in linear-quadratic stochastic differential games , 1989 .

[74]  J. Andel Sequential Analysis , 2022, The SAGE Encyclopedia of Research Design.

[75]  Karin Sallhammar,et al.  Stochastic Models for Combined Security and Dependability Evaluation , 2007 .

[76]  H. Kashima,et al.  Kernels for graphs , 2004 .

[77]  T. Başar,et al.  An Intrusion Detection Game with Limited Observations , 2005 .

[78]  Michael L. Littman,et al.  Markov Games as a Framework for Multi-Agent Reinforcement Learning , 1994, ICML.

[79]  Ariel Rubinstein,et al.  A Course in Game Theory , 1995 .

[80]  T. Basar,et al.  Relaxation techniques and asynchronous algorithms for on-line computation of noncooperative equilibria , 1987, 26th IEEE Conference on Decision and Control.

[81]  Feng Zhu,et al.  Rational exposure: A game theoretic approach to optimize identity exposure in pervasive computing environments , 2009, 2009 IEEE International Conference on Pervasive Computing and Communications.

[82]  Christian Bauckhage,et al.  A Probabilistic Diffusion Scheme for Anomaly Detection on Smartphones , 2010, WISTP.

[83]  Tin Kam Ho,et al.  Building projectable classifiers of arbitrary complexity , 1996, Proceedings of 13th International Conference on Pattern Recognition.

[84]  Tansu Alpcan,et al.  Stochastic games for security in networks with interdependent nodes , 2009, 2009 International Conference on Game Theory for Networks.

[85]  Bernhard Schölkopf,et al.  Ranking on Data Manifolds , 2003, NIPS.

[86]  R. Srikant,et al.  Correlated Jamming on MIMO Gaussian Fading Channels , 2004, IEEE Trans. Inf. Theory.

[87]  Ross J. Anderson Security engineering - a guide to building dependable distributed systems (2. ed.) , 2001 .

[88]  B. Ahn Solution of nonsymmetric linear complementarity problems by iterative methods , 1981 .

[89]  Jolyon Clulow,et al.  New Strategies for Revocation in Ad-Hoc Networks , 2007, ESAS.

[90]  V.F. Kleist,et al.  The code book: the science of secrecy from ancient egypt to quantum cryptography [Book Review] , 2002, IEEE Annals of the History of Computing.

[91]  Roger B. Myerson,et al.  Game theory - Analysis of Conflict , 1991 .

[92]  David Moore,et al.  Internet quarantine: requirements for containing self-propagating code , 2003, IEEE INFOCOM 2003. Twenty-second Annual Joint Conference of the IEEE Computer and Communications Societies (IEEE Cat. No.03CH37428).

[93]  Jonathan Katz,et al.  A Game-Theoretic Framework for Analyzing Trust-Inference Protocols , 2004 .

[94]  Radha Poovendran,et al.  Swing & swap: user-centric approaches towards maximizing location privacy , 2006, WPES '06.

[95]  J. Tsitsiklis Decentralized Detection' , 1993 .

[96]  Thomas Kailath,et al.  Linear Systems , 1980 .

[97]  Peter Mell,et al.  Intrusion Detection Systems , 2001 .

[98]  R. Poovendran,et al.  CARAVAN: Providing Location Privacy for VANET , 2005 .

[99]  O. Patrick Kreidl,et al.  Feedback control applied to survivability: a host-based autonomic defense system , 2004, IEEE Transactions on Reliability.

[100]  Zhu Han,et al.  Physical layer security game: How to date a girl with her boyfriend on the same table , 2009, 2009 International Conference on Game Theory for Networks.

[101]  Levente Buttyán,et al.  On the Effectiveness of Changing Pseudonyms to Provide Location Privacy in VANETs , 2007, ESAS.

[102]  Levente Buttyán,et al.  Nash equilibria of packet forwarding strategies in wireless ad hoc networks , 2006, IEEE Transactions on Mobile Computing.

[103]  Anthony Ephremides,et al.  MAC games for distributed wireless network security with incomplete information of selfish and malicious user types , 2009, 2009 International Conference on Game Theory for Networks.

[104]  Ranjan K. Mallik,et al.  Analysis of an on-off jamming situation as a dynamic game , 2000, IEEE Trans. Commun..

[105]  A. Atiya,et al.  Learning with Kernels: Support Vector Machines, Regularization, Optimization, and Beyond , 2005, IEEE Transactions on Neural Networks.

[106]  Tansu Alpcan,et al.  A Malware Detector Placement Game for Intrusion Detection , 2007, CRITIS.

[107]  W. Mao,et al.  Comments on "Correlated Jamming on MIMO Gaussian Fading Channels" , 2006, IEEE Trans. Inf. Theory.

[108]  Maxim Raya,et al.  Revocation games in ephemeral networks , 2008, CCS.

[109]  Jean-Yves Le Boudec,et al.  Self-policing mobile ad hoc networks by reputation systems , 2005, IEEE Communications Magazine.

[110]  Stefan Schmid,et al.  On the windfall of friendship: inoculation strategies on social networks , 2008, EC '08.

[111]  Robert R. Tenney,et al.  Detection with distributed sensors , 1980 .

[112]  Adrian Perrig,et al.  On the distribution and revocation of cryptographic keys in sensor networks , 2005, IEEE Transactions on Dependable and Secure Computing.

[113]  Tansu Alpcan,et al.  A control theoretic approach to noncooperative game design , 2009, Proceedings of the 48h IEEE Conference on Decision and Control (CDC) held jointly with 2009 28th Chinese Control Conference.

[114]  Alexander M. Millkey The Black Swan: The Impact of the Highly Improbable , 2009 .

[115]  Venugopal V. Veeravalli,et al.  Asymptotic results for decentralized detection in power constrained wireless sensor networks , 2004, IEEE Journal on Selected Areas in Communications.

[116]  Cormac Herley,et al.  So long, and no thanks for the externalities: the rational rejection of security advice by users , 2009, NSPW '09.

[117]  David R. Musicant,et al.  Active set support vector regression , 2004, IEEE Transactions on Neural Networks.

[118]  John N. Tsitsiklis,et al.  On the complexity of decentralized decision making and detection problems , 1985 .

[119]  Nicolas Christin,et al.  Secure or insure?: a game-theoretic analysis of information security games , 2008, WWW.

[120]  Christian Bauckhage,et al.  A distributed machine learning framework , 2009, Proceedings of the 48h IEEE Conference on Decision and Control (CDC) held jointly with 2009 28th Chinese Control Conference.

[121]  B. Anderson,et al.  Optimal control: linear quadratic methods , 1990 .

[122]  Nicholas Bambos,et al.  Security Decision-Making among Interdependent Organizations , 2008, 2008 21st IEEE Computer Security Foundations Symposium.

[123]  Konstantin Rozinov krozinov Are Usability and Security Two Opposite Directions in Computer Systems ? , 2004 .

[124]  Andrew James Simmonds,et al.  An Ontology for Network Security Attacks , 2004, AACC.

[125]  Sahin Albayrak,et al.  Application-level Simulation for Network Security , 2010, Simul..

[126]  Sajal K. Das,et al.  Intrusion detection in sensor networks: a non-cooperative game approach , 2004, Third IEEE International Symposium on Network Computing and Applications, 2004. (NCA 2004). Proceedings..

[127]  Nicholas Bambos,et al.  Dynamic Risk Mitigation in Computing Infrastructures , 2007, Third International Symposium on Information Assurance and Security.

[128]  David Moore,et al.  Code-Red: a case study on the spread and victims of an internet worm , 2002, IMW '02.

[129]  Eitan Altman,et al.  Multiuser rate-based flow control , 1998, IEEE Trans. Commun..

[130]  Tansu Alpcan,et al.  Security games for vehicular networks , 2008, 2008 46th Annual Allerton Conference on Communication, Control, and Computing.

[131]  Paul Resnick,et al.  Trust among strangers in internet transactions: Empirical analysis of eBay' s reputation system , 2002, The Economics of the Internet and E-commerce.

[132]  Stefan Axelsson,et al.  The base-rate fallacy and its implications for the difficulty of intrusion detection , 1999, CCS '99.

[133]  J. Neumann Zur Theorie der Gesellschaftsspiele , 1928 .

[134]  Paul G. Spirakis,et al.  A graph-theoretic network security game , 2008, Int. J. Auton. Adapt. Commun. Syst..

[135]  Eugene H. Spafford,et al.  Using internal sensors for computer intrusion detection , 2001 .

[136]  Jakob Nielsen,et al.  Usability engineering , 1997, The Computer Science and Engineering Handbook.

[137]  Maxim Raya,et al.  On the tradeoff between trust and privacy in wireless ad hoc networks , 2010, WiSec '10.

[138]  Tansu Alpcan,et al.  A Decentralized Bayesian Attack Detection Algorithm for Network Security , 2008, SEC.

[139]  T. Basar,et al.  A game theoretic approach to decision and analysis in network intrusion detection , 2003, 42nd IEEE International Conference on Decision and Control (IEEE Cat. No.03CH37475).

[140]  Tansu Alpcan,et al.  Noncooperative Games for Control of Networked Systems , 2006 .

[141]  J. Nash Equilibrium Points in N-Person Games. , 1950, Proceedings of the National Academy of Sciences of the United States of America.

[142]  H. Vincent Poor,et al.  Decentralized Sequential Detection with a Fusion Center Performing the Sequential Test , 1992 .

[143]  Jean-Pierre Hubaux,et al.  Security and Cooperation in Wireless Networks , 2007, ESAS.

[144]  H. Vincent Poor,et al.  Minimax robust decentralized detection , 1994, IEEE Trans. Inf. Theory.

[145]  Michael Bloem,et al.  Optimal and robust epidemic response for multiple networks , 2007, 2007 46th IEEE Conference on Decision and Control.

[146]  Ulrich Berger Fictitious play in 2xn games , 2003 .

[147]  Tansu Alpcan,et al.  Security Games with Incomplete Information , 2009, 2009 IEEE International Conference on Communications.

[148]  Murali S. Kodialam,et al.  Detecting network intrusions via sampling: a game theoretic approach , 2003, IEEE INFOCOM 2003. Twenty-second Annual Joint Conference of the IEEE Computer and Communications Societies (IEEE Cat. No.03CH37428).

[149]  Herbert W. Hethcote,et al.  The Mathematics of Infectious Diseases , 2000, SIAM Rev..

[150]  Alex Pentland,et al.  Reality mining: sensing complex social systems , 2006, Personal and Ubiquitous Computing.

[151]  Stefan Schmid,et al.  When selfish meets evil: byzantine players in a virus inoculation game , 2006, PODC '06.

[152]  V. Veeravalli,et al.  Decentralized Detection with Correlated Observations , 2007, 2007 Conference Record of the Forty-First Asilomar Conference on Signals, Systems and Computers.

[153]  Michael L. Littman,et al.  Cyclic Equilibria in Markov Games , 2005, NIPS.

[154]  Tansu Alpcan,et al.  Coalitional Game Theory for Security Risk Management , 2010, 2010 Fifth International Conference on Internet Monitoring and Protection.

[155]  Michael Vogt,et al.  Active-Set Methods for Support Vector Machines , 2005 .

[156]  P. J. Huber A Robust Version of the Probability Ratio Test , 1965 .

[157]  T. Basar,et al.  Intrusion Response as a Resource Allocation Problem , 2006, Proceedings of the 45th IEEE Conference on Decision and Control.