Decision and Game Theory for Security

We revisit in this paper the resilience problem of routing traffic in a parallel link network model with a malicious player using a game theoretic framework. Consider that there are two players in the network: the first player wishes to split its traffic so as to minimize its average delay, which the second player, i.e., the malicious player, tries to maximize. The first player has a demand constraint on the total traffic it routes. The second player controls the link capacities: it can decrease by some amount the capacity of each link under a constraint on the sum of capacity degradation. We first show that the average delay function is convex both in traffic and in capacity degradation over the parallel links and thus does not have a saddle point. We identify best responses strategies of each player and compute both the max-min and the minmax values of the game. We are especially interested in the min max strategy as it guarantees the best performance under worst possible link capacity degradation. It thus allows to obtain routing strategies that are resilient and robust. We compare the results of the min-max to those obtained under the max-min strategies. We provide stable algorithms for computing both max-min and min-max strategies as well as for best responses.

[1]  R. L. Keeney,et al.  Decisions with Multiple Objectives: Preferences and Value Trade-Offs , 1977, IEEE Transactions on Systems, Man, and Cybernetics.

[2]  G. Stigler An Introduction to Privacy in Economics and Politics , 1980, The Journal of Legal Studies.

[3]  J. Rubenfeld The Right of Privacy , 1989 .

[4]  William A. Brock,et al.  Discrete Choice with Social Interactions , 2001 .

[5]  Tadeusz Radzik RESULTS AND PROBLEMS IN GAMES OF TIMING , 1996 .

[6]  A. Acquisti Protecting Privacy with Economics: Economic Incentives for Preventive Technologies in Ubiquitous Computing Environments , 2002 .

[7]  W. Brock,et al.  A Multinomial-Choice Model of Neighborhood Effects , 2002 .

[8]  B. Stengel,et al.  Leadership with commitment to mixed strategies , 2004 .

[9]  Alessandro Acquisti,et al.  Privacy and rationality in individual decision making , 2005, IEEE Security & Privacy.

[10]  Ponnurangam Kumaraguru,et al.  Privacy Indexes: A Survey of Westin's Studies , 2005 .

[11]  H. Varian Economic Aspects of Personal Privacy , 2009 .

[12]  Julian Williams,et al.  Investments and Trade-offs in the Economics of Information Security , 2009, Financial Cryptography.

[13]  Milind Tambe,et al.  Security and Game Theory: IRIS – A Tool for Strategic Security Allocation in Transportation Networks , 2011, AAMAS 2011.

[14]  Carlos Cid,et al.  Are We Compromised? Modelling Security Assessment Games , 2012, GameSec.

[15]  Milind Tambe,et al.  TRUSTS: Scheduling Randomized Patrols for Fare Inspection in Transit Systems , 2012, IAAI.

[16]  Bo An,et al.  PROTECT: a deployed game theoretic system to protect the ports of the United States , 2012, AAMAS.

[17]  Ronald L. Rivest,et al.  FlipIt: The Game of “Stealthy Takeover” , 2012, Journal of Cryptology.

[18]  Rong Yang,et al.  Scaling-up Security Games with Boundedly Rational Adversaries: A Cutting-plane Approach , 2013, IJCAI.

[19]  Jens Grossklags,et al.  A Behavioral Investigation of the FlipIt Game , 2013 .

[20]  Benedikt Nordhoff,et al.  Dijkstra’s Algorithm , 2013 .

[21]  Manish Jain,et al.  Efficiently Solving Joint Activity Based Security Games , 2013, IJCAI.

[22]  Yu Pu,et al.  An Economic Model and Simulation Results of App Adoption Decisions on Networks with Interdependent Privacy Consequences , 2014, GameSec.

[23]  Tadayoshi Kohno,et al.  Sex, Lies, or Kittens? Investigating the Use of Snapchat's Self-Destructing Messages , 2014, Financial Cryptography.

[24]  Rong Yang,et al.  Adaptive resource allocation for wildlife protection against illegal poachers , 2014, AAMAS.

[25]  Michael P. Wellman,et al.  Empirical Game-Theoretic Analysis of an Adaptive Cyber-Defense Scenario (Preliminary Report) , 2014, GameSec.

[26]  Quanyan Zhu,et al.  Flip the Cloud: Cyber-Physical Signaling Games in the Presence of Advanced Persistent Threats , 2015, GameSec.

[27]  David J. Pym,et al.  Discrete Choice, Social Interaction, and Policy in Encryption Technology Adoption (Short Paper) , 2016, Financial Cryptography.

[28]  Curtis R. Taylor,et al.  The Economics of Privacy , 2016 .