Game theoretical security detection strategy for networked systems

Abstract: In this paper, a game-theoretical analysis method is presented to provide optimal security detection strategies for heterogeneous networked systems. A two-stage game model is first established, in which the attacker and the defender are considered as the two players. In the first stage, the two players decide, for each network unit, whether to execute the attack/monitoring actions or to stay silent. In the second stage, two important strategic variables, i.e. the attack intensity and the detection threshold, are carefully determined. The necessary and sufficient conditions that ensure the existence of Nash equilibria for the game with complete information are rigorously analyzed. The results show that, with limited resources and capacities, the defender (attacker) tends to perform defense (attack) actions and further allocate more defense (less attack) resources to the units with larger assets. In addition, Bayesian and robust Nash equilibrium analysis is provided for the game with incomplete information. Finally, a sampling-based Nash equilibrium verification and calculation approach is proposed for the game model with continuous kernels. The convexity restrictions can thus be relaxed and the computational complexity is effectively reduced in comparison with the existing recursive calculation methods. Numerical examples are given to validate our theoretical results.
