To protect systems exposed to the Internet against attacks, a security system capable of engaging with the attacker is needed. There have been attempts to model the interactions between users, both benign and malicious, and network administrators as games. Building on such work, we present a game model that is generic enough to capture various modes of such interactions. The model facilitates stochastic games with imperfect information. The information is imperfect because erroneous sensors lead the players to perceive the current state incorrectly. To model this error in perception, distributed over multiple other states, we use Euclidean distances between the outputs of the sensors. We build a 5-state game to represent the interaction of the administrator with the user. The states correspond to 1) the user being outside the system, in the Internet; and, after logging in to the system, 2) having low privileges; 3) having high privileges; 4) having successfully attacked; and 5) being trapped in a honeypot by the administrator. Each state has its own action set. We present the game with a distinct perceived action set corresponding to each distinct information set of these states. A numerical simulation of an example game is presented to show the evaluation of rewards to the players and the preferred strategies. We also present the conditions for formulating the strategies when dealing with more than one attacker and making collaborations.