Game Theory Based Dynamic Defense Mechanism for SDN

Many efforts have been down on tackling the network security issues using game theory, especially studying the dynamic defense mechanism. They mostly concentrated on the traditional networks, while omitting the advantages of SDN (software-defined networks). In this paper, we formulate a new defense framework for SDN, which adopts multistage dynamic defense strategies with the help of a quantization method of attack. The defender may find the behaviors of a particular attacker and make an adaptive response. This framework seeks to support the defender to interact with an attacker following the initial deployment of cyber defenses. Finally, we conduct evaluations to verify the effectiveness of the framework and method proposed in the paper. In the future, we will further study how to improve the defense capability of those critical nodes in SDN, enable more sophisticated responses to attacker behaviors, and improve the defensive situation.

[1]  Hongbo Zhu,et al.  Deceptive Attack and Defense Game in Honeypot-Enabled Networks for the Internet of Things , 2016, IEEE Internet of Things Journal.

[2]  Quanyan Zhu,et al.  Game theory meets network security and privacy , 2013, CSUR.

[3]  Iwasokun Gabriel Babatunde,et al.  DGM approach to network attacker and defender strategies , 2013, 8th International Conference for Internet Technology and Secured Transactions (ICITST-2013).

[4]  Li Aiping,et al.  Research on Active Defense Technology in Network Security Based on Non-Cooperative Dynamic Game Theory , 2011 .

[5]  Andrei V. Gurtov,et al.  Security in Software Defined Networks: A Survey , 2015, IEEE Communications Surveys & Tutorials.

[6]  Steven Tadelis Game theory : an introduction , 2013 .

[7]  Chuang Lin,et al.  Analysis for Network Attack-Defense Based on Stochastic Game Model: Analysis for Network Attack-Defense Based on Stochastic Game Model , 2010 .

[8]  Jean C. Walrand,et al.  Security in networks: A game-theoretic approach , 2008, 2008 47th IEEE Conference on Decision and Control.

[9]  Wang Yuan Analysis for Network Attack-Defense Based on Stochastic Game Model , 2010 .

[10]  Fernando M. V. Ramos,et al.  Towards secure and dependable software-defined networks , 2013, HotSDN '13.

[11]  Mohsen Guizani,et al.  Software-defined networking security: pros and cons , 2015, IEEE Communications Magazine.

[12]  Kim-Kwang Raymond Choo,et al.  Security, Privacy, and Anonymity in Computation, Communication, and Storage , 2017, Lecture Notes in Computer Science.

[13]  Sunny Fugate,et al.  Game theory for adaptive defensive cyber deception , 2018, HotSoS.

[14]  Gary B. Lamont,et al.  Hypergame Theory: A Model for Conflict, Misperception, and Deception , 2015 .

[15]  Sushil Jajodia,et al.  Moving Target Defense - Creating Asymmetric Uncertainty for Cyber Threats , 2011, Moving Target Defense.

[16]  Qi Wang,et al.  A two-layer game theoretical attack-defense model for a false data injection attack against power systems , 2019, International Journal of Electrical Power & Energy Systems.

[17]  Lawrence Carin,et al.  Cybersecurity Strategies: The QuERIES Methodology , 2008, Computer.

[18]  Ejaz Ahmed,et al.  Securing software defined networks: taxonomy, requirements, and open issues , 2015, IEEE Communications Magazine.