On the Tradeoff between Privacy and Utility in Collaborative Security-A Game Theoretical Approach

With the rapid development of sophisticated attack techniques, individual security systems which base all of their decisions and actions of attack prevention and response on their own observations and knowledge become incompetent. To cope with this problem, collaborative security that coordinates security entities to perform specific security actions is proposed and developed in literature. In collaborative security schemes, multiple entities collaborate with each other by sharing some security evidence or analysis results so as to make more effective and reasonable decisions. Nevertheless, the information exchange raises privacy concerns, especially for those privacy-sensitive entities. In order to obtain a quantitative understanding of the fundamental tradeoff between the effectiveness of collaboration and the entities’ privacy, a repeated two-layer single-leader multifollower game is proposed in this work. Based on our gametheoretic analysis, the expected behaviors of both the attacker and the security entities are derived and the utility-privacy tradeoff curve is obtained. In addition, the existence of Nash equilibrium (NE) is proved and an asynchronous dynamic update algorithm is proposed to compute the optimal collaboration strategies of the entities. Furthermore, the existence of Byzantine entities is considered and its influence is investigated. Finally, simulation results are shown to validate the analysis.

[1]  Max Mühlhäuser,et al.  SkipMon: A locality-aware Collaborative Intrusion Detection System , 2015, 2015 IEEE 34th International Performance Computing and Communications Conference (IPCCC).

[2]  Yang Liu,et al.  Collaborative Security , 2015, ACM Comput. Surv..

[3]  EMMANOUIL VASILOMANOLAKIS,et al.  Taxonomy and Survey of Collaborative Intrusion Detection , 2015, ACM Comput. Surv..

[4]  Wee Keong Ng,et al.  Privacy-preserving approach for sharing and processing intrusion alert data , 2015, 2015 IEEE Tenth International Conference on Intelligent Sensors, Sensor Networks and Information Processing (ISSNIP).

[5]  Nitin H. Vaidya,et al.  Iterative Byzantine Vector Consensus in Incomplete Graphs , 2013, ICDCN.

[6]  Nitin H. Vaidya,et al.  Byzantine vector consensus in complete graphs , 2013, PODC '13.

[7]  Gerald Tesauro,et al.  Playing repeated Stackelberg games with unknown opponents , 2012, AAMAS.

[8]  Andreas Haeberlen,et al.  Differential privacy for collaborative security , 2010, EUROSEC '10.

[9]  Lin Chen,et al.  A Game Theoretical Framework on Intrusion Detection in Heterogeneous Networks , 2009, IEEE Transactions on Information Forensics and Security.

[10]  Quanyan Zhu,et al.  A game-theoretical approach to incentive design in collaborative intrusion detection networks , 2009, 2009 International Conference on Game Theory for Networks.

[11]  Nicholas Bambos,et al.  Security Decision-Making among Interdependent Organizations , 2008, 2008 21st IEEE Computer Security Foundations Symposium.

[12]  M. Perles,et al.  A generalization of Tverberg's Theorem , 2007, 0710.4668.

[13]  Songwu Lu,et al.  SmartSiren: virus detection and alert for smartphones , 2007, MobiSys '07.

[14]  Peng Ning,et al.  A Flexible Approach to Intrusion Alert Anonymization and Correlation , 2006, 2006 Securecomm and Workshops.

[15]  Peng Ning,et al.  Privacy-preserving alert correlation: a concept hierarchy based approach , 2005, 21st Annual Computer Security Applications Conference (ACSAC'05).

[16]  M.E. Locasto,et al.  Towards collaborative security and P2P intrusion detection , 2005, Proceedings from the Sixth Annual IEEE SMC Information Assurance Workshop.

[17]  Vitaly Shmatikov,et al.  Privacy-Preserving Sharing and Correlation of Security Alerts , 2004, USENIX Security Symposium.

[18]  Ariel Rubinstein,et al.  A Course in Game Theory , 1995 .

[19]  Nancy A. Lynch,et al.  Impossibility of distributed consensus with one faulty process , 1985, JACM.

[20]  Leslie Lamport,et al.  The Byzantine Generals Problem , 1982, TOPL.

[21]  E. Jaynes Information Theory and Statistical Mechanics , 1957 .

[22]  Philip Gross,et al.  Secure "selecticast" for collaborative intrusion detection systems , 2004, ICSE 2004.