Game Theory Meets Network Security: A Tutorial at ACM CCS

The increasingly pervasive connectivity of today's information systems brings up new challenges to security. Traditional security has accomplished a long way toward protecting well-defined goals such as confidentiality, integrity, availability, and authenticity. However, with the growing sophistication of the attacks and the complexity of the system, the protection using traditional methods could be cost-prohibitive. A new perspective and a new theoretical foundation are needed to understand security from a strategic and decision-making perspective. Game theory provides a natural framework to capture the adversarial and defensive interactions between an attacker and a defender. It provides a quantitative assessment of security, prediction of security outcomes, and a mechanism design tool that can enable security-by-design and reverse the attacker's advantage. This tutorial provides an overview of diverse methodologies from game theory that includes games of incomplete information, dynamic games, mechanism design theory to offer a modern theoretic underpinning of a science of cybersecurity. The tutorial will also discuss open problems and research challenges that the CCS community can address and contribute with an objective to build a multidisciplinary bridge between cybersecurity, economics, game and decision theory

Mean Field Equilibrium in Dynamic Games with Complementarities

We study a class of stochastic dynamic games that exhibit strategic complementarities between players; formally, in the games we consider, the payoff of a player has increasing differences between her own state and the empirical distribution of the states of other players. Such games can be used to model a diverse set of applications, including network security models, recommender systems, and dynamic search in markets. Stochastic games are generally difficult to analyze, and these difficulties are only exacerbated when the number of players is large (as might be the case in the preceding examples). We consider an approximation methodology called mean field equilibrium to study these games. In such an equilibrium, each player reacts to only the long run average state of other players. We find necessary conditions for the existence of a mean field equilibrium in such games. Furthermore, as a simple consequence of this existence theorem, we obtain several natural monotonicity properties. We show that there exist a "largest" and a "smallest" equilibrium among all those where the equilibrium strategy used by a player is nondecreasing, and we also show that players converge to each of these equilibria via natural myopic learning dynamics; as we argue, these dynamics are more reasonable than the standard best response dynamics. We also provide sensitivity results, where we quantify how the equilibria of such games move in response to changes in parameters of the game (e.g., the introduction of incentives to players).Comment: 56 pages, 5 figure

A Multi-Game Framework for Harmonized LTE-U and WiFi Coexistence over Unlicensed Bands

The introduction of LTE over unlicensed bands (LTE-U) will enable LTE base stations (BSs) to boost their capacity and offload their traffic by exploiting the underused unlicensed bands. However, to reap the benefits of LTE-U, it is necessary to address various new challenges associated with LTE-U and WiFi coexistence. In particular, new resource management techniques must be developed to optimize the usage of the network resources while handling the interdependence between WiFi and LTE users and ensuring that WiFi users are not jeopardized. To this end, in this paper, a new game theoretic tool, dubbed as \emph{multi-game} framework is proposed as a promising approach for modeling resource allocation problems in LTE-U. In such a framework, multiple, co-existing and coupled games across heterogeneous channels can be formulated to capture the specific characteristics of LTE-U. Such games can be of different properties and types but their outcomes are largely interdependent. After introducing the basics of the multi-game framework, two classes of algorithms are outlined to achieve the new solution concepts of multi-games. Simulation results are then conducted to show how such a multi-game can effectively capture the specific properties of LTE-U and make of it a "friendly" neighbor to WiFi.Comment: Accepted for publication at IEEE Wireless Communications Magazine, Special Issue on LTE in Unlicensed Spectru

Individual Security and Network Design with Malicious Nodes

Networks are beneficial to those being connected but can also be used as carriers of contagious hostile attacks. These attacks are often facilitated by exploiting corrupt network users. To protect against the attacks, users can resort to costly defense. The decentralized nature of such protection is known to be inefficient but the inefficiencies can be mitigated by a careful network design. Is network design still effective when not all users can be trusted? We propose a model of network design and defense with byzantine nodes to address this question. We study the optimal defended networks in the case of centralized defense and, for the case of decentralized defense, we show that the inefficiencies due to decentralization can be fully mitigated, despite the presence of the byzantine nodes.Comment: 19 pages, 3 figure