149,174 research outputs found
Cluster Based Wireless Sensor Network Security Model Using Game Theory and Risk Assessment
The purpose of this thesis is to model an appropriate response to an attack in a wireless sensor network by implementing game theory concepts coupled with risk assessment. In contrast to the widely analyzed key management techniques which involve computation and communication overhead, the security model is designed as a non-cooperative game between the attacker and the network. By creating and using a model that uses a risk assessment model to quantify risk and employing a cost-payoff relation of the game theory for decision making better resource utilization and better security can be achieved. The risk assessment model integrated with a game theoretic framework is investigated for efficiently securing a wireless sensor network. A new methodology to effectively estimate risk based on the threat and damage values, using fuzzy logic has been introduced. The cost of defending a node and the related gain in payoff with respect to the objective of the network was considered while analyzing the game. The game model reduces the computational overhead with nodes by moving the decision making to cluster heads. By choosing appropriate utility parameters and payoff function the network can secure itself efficiently.Computer Science Departmen
ADAPT: A Game Inspired Attack-Defense And Performance Metric Taxonomy
Abstract. Game theory has been researched extensively in network security demonstrating an advantage of modeling the interactions between attackers and defenders. Game theoretic defense solutions have continuously evolved in most recent years. One of the pressing issues in composing a game theoretic defense system is the development of consistent quantifiable metrics to select the best game theoretic defense model. We survey existing game theoretic defense, information assurance, and risk assessment frameworks that provide metrics for information and network security and performance assessment. Coupling these frameworks, we propose a game theoretic approach to attack-defense and performance metric taxonomy (ADAPT). ADAPT uses three classifications of metrics: (i) Attacker, (ii) Defender (iii) Performance. We proffer ADAPT with an attempt to aid game theoretic performance metrics. We further propose a game decision system (GDS) that uses ADAPT to compare competing game models. We demonstrate our approach using a distributed denial of service (DDoS) attack scenario. Keywords: Game Theory, Taxonomy, Security Management INTRODUCTION Game theory has received increased attention from network security researchers, investigating defense solutions. The game theory approach has the advantage of modeling the interactions between attackers and defenders, where players have the ability to analyze other player's behavior. This may enable an administrator to develop better strategic defenses for the system. For instance, when there are many actions available to the attacker and defender, it becomes difficult to develop solution strategies. Hamilton, et al. [1] outlined the areas of game theory which are relevant to information warfare using course of actions with predicted outcomes and what-if scenarios. Jiang, et al. In this paper, we attempt to address limitations in research through the proposed game theoretic attack-defense and performance metric taxonomy (ADAPT), which is a taxonomy of game related metrics. We define a game as the interactions between two players with conflicting goals. In our case these players are the attacker (hacker) and system administrator (defender). Game metrics are a set of tools which are used to measure the various kinds of impact a game model has on each of its players. We classify these game metrics based on their impact on attacker, defender, and the performance of the game model on the system which is being run. Prior research has shown, with the use of game theory, how the interaction should take place based on the strategy and the strategy selected from the game model. In this traditional scenario one game model is assessed relative to a particular attack. He, et al. [6] proposed a Game Theoretical Attack-Defense Model (GTADM), similar to ADAPT, that quantifies the probability of threats in constructing a risk assessment framework. We extend these general game theory steps and concepts proposed in He, et al. [6] with the use of ADAPT being able to assess competing game models and select the game model which is suitable for defense. This provides a defender with a preliminary view of multiple game models associated to a particular attack
Toward optimal multi-objective models of network security: Survey
Information security is an important aspect of a successful business today. However, financial difficulties and budget cuts create a problem of selecting appropriate security measures and keeping networked systems up and running. Economic models proposed in the literature do not address the challenging problem of security countermeasure selection. We have made a classification of security models, which can be used to harden a system in a cost effective manner based on the methodologies used. In addition, we have specified the challenges of the simplified risk assessment approaches used in the economic models and have made recommendations how the challenges can be addressed in order to support decision makers
Towards optimal multi-objective models of network security: survey
Information security is an important aspect of a successful business today. However, financial difficulties and budget cuts create a problem of selecting appropriate security measures and keeping networked systems up and running. Economic models proposed in the literature do not address the challenging problem of security countermeasure selection. We have made a classification of security models, which can be used to harden a system in a cost effective manner based on the methodologies used. In addition, we have specified the challenges of the simplified risk assessment approaches used in the economic models and have made recommendations how the challenges can be addressed in order to support decision makers
Game Theory Meets Network Security: A Tutorial at ACM CCS
The increasingly pervasive connectivity of today's information systems brings
up new challenges to security. Traditional security has accomplished a long way
toward protecting well-defined goals such as confidentiality, integrity,
availability, and authenticity. However, with the growing sophistication of the
attacks and the complexity of the system, the protection using traditional
methods could be cost-prohibitive. A new perspective and a new theoretical
foundation are needed to understand security from a strategic and
decision-making perspective. Game theory provides a natural framework to
capture the adversarial and defensive interactions between an attacker and a
defender. It provides a quantitative assessment of security, prediction of
security outcomes, and a mechanism design tool that can enable
security-by-design and reverse the attacker's advantage. This tutorial provides
an overview of diverse methodologies from game theory that includes games of
incomplete information, dynamic games, mechanism design theory to offer a
modern theoretic underpinning of a science of cybersecurity. The tutorial will
also discuss open problems and research challenges that the CCS community can
address and contribute with an objective to build a multidisciplinary bridge
between cybersecurity, economics, game and decision theory
Multi-Layer Cyber-Physical Security and Resilience for Smart Grid
The smart grid is a large-scale complex system that integrates communication
technologies with the physical layer operation of the energy systems. Security
and resilience mechanisms by design are important to provide guarantee
operations for the system. This chapter provides a layered perspective of the
smart grid security and discusses game and decision theory as a tool to model
the interactions among system components and the interaction between attackers
and the system. We discuss game-theoretic applications and challenges in the
design of cross-layer robust and resilient controller, secure network routing
protocol at the data communication and networking layers, and the challenges of
the information security at the management layer of the grid. The chapter will
discuss the future directions of using game-theoretic tools in addressing
multi-layer security issues in the smart grid.Comment: 16 page
- âŠ