655 research outputs found
Individual Security and Network Design with Malicious Nodes
Networks are beneficial to those being connected but can also be used as
carriers of contagious hostile attacks. These attacks are often facilitated by
exploiting corrupt network users. To protect against the attacks, users can
resort to costly defense. The decentralized nature of such protection is known
to be inefficient but the inefficiencies can be mitigated by a careful network
design. Is network design still effective when not all users can be trusted? We
propose a model of network design and defense with byzantine nodes to address
this question. We study the optimal defended networks in the case of
centralized defense and, for the case of decentralized defense, we show that
the inefficiencies due to decentralization can be fully mitigated, despite the
presence of the byzantine nodes.Comment: 19 pages, 3 figure
A Survey of Interdependent Information Security Games
Risks faced by information system operators and users are not only determined by their own security posture, but are also heavily affected by the security-related decisions of others. This interdependence between information system operators and users is a fundamental property that shapes the efficiency of security defense solutions. Game theory is the most appropriate method to model the strategic interactions between these participants. In this survey, we summarize game-theoretic interdependence models, characterize the emerging security inefficiencies, and present mechanisms to improve the security decisions of the participants. We focus our attention on games with interdependent defenders and do not discuss two-player attackerdefender games. Our goal is to distill the main insights from the state-of-the-art and to identify the areas that need more attention from the research community
On Sparse Discretization for Graphical Games
This short paper concerns discretization schemes for representing and
computing approximate Nash equilibria, with emphasis on graphical games, but
briefly touching on normal-form and poly-matrix games. The main technical
contribution is a representation theorem that informally states that to account
for every exact Nash equilibrium using a nearby approximate Nash equilibrium on
a grid over mixed strategies, a uniform discretization size linear on the
inverse of the approximation quality and natural game-representation parameters
suffices. For graphical games, under natural conditions, the discretization is
logarithmic in the game-representation size, a substantial improvement over the
linear dependency previously required. The paper has five other objectives: (1)
given the venue, to highlight the important, but often ignored, role that work
on constraint networks in AI has in simplifying the derivation and analysis of
algorithms for computing approximate Nash equilibria; (2) to summarize the
state-of-the-art on computing approximate Nash equilibria, with emphasis on
relevance to graphical games; (3) to help clarify the distinction between
sparse-discretization and sparse-support techniques; (4) to illustrate and
advocate for the deliberate mathematical simplicity of the formal proof of the
representation theorem; and (5) to list and discuss important open problems,
emphasizing graphical-game generalizations, which the AI community is most
suitable to solve.Comment: 30 pages. Original research note drafted in Dec. 2002 and posted
online Spring'03 (http://www.cis.upenn.
edu/~mkearns/teaching/cgt/revised_approx_bnd.pdf) as part of a course on
computational game theory taught by Prof. Michael Kearns at the University of
Pennsylvania; First major revision sent to WINE'10; Current version sent to
JAIR on April 25, 201
Are Individuals Fickle-Minded?
Game theory has been used to model large-scale social events — such as constitutional law, democratic stability, standard setting, gender roles, social movements, communication, markets, the selection of officials by means of elections, coalition formation, resource allocation, distribution of goods, and war — as the aggregate result of individual choices in interdependent decision-making. Game theory in this way assumes methodological individualism. The widespread observation that game theory predictions do not in general match observation has led to many attempts to repair game theory by creating behavioral game theory, which adds corrective terms to the game theoretic predictions in the hope of making predictions that better match observations. But for game theory to be useful in making predictions, we must be able to generalize from an individual’s behavior in one situation to that individual’s behavior in very closely similar situations. In other words, behavioral game theory needs individuals to be reasonably consistent in action if the theory is to have predictive power. We argue on the basis of experimental evidence that the assumption of such consistency is unwarranted. More realistic models of individual agents must be developed that acknowledge the variance in behavior for a given individual
On a Generic Security Game Model
To protect the systems exposed to the Internet against attacks, a security
system with the capability to engage with the attacker is needed. There have
been attempts to model the engagement/interactions between users, both benign
and malicious, and network administrators as games. Building on such works, we
present a game model which is generic enough to capture various modes of such
interactions. The model facilitates stochastic games with imperfect
information. The information is imperfect due to erroneous sensors leading to
incorrect perception of the current state by the players. To model this error
in perception distributed over other multiple states, we use Euclidean
distances between the outputs of the sensors. We build a 5-state game to
represent the interaction of the administrator with the user. The states
correspond to 1) the user being out of the system in the Internet, and after
logging in to the system; 2) having low privileges; 3) having high privileges;
4) when he successfully attacks and 5) gets trapped in a honeypot by the
administrator. Each state has its own action set. We present the game with a
distinct perceived action set corresponding to each distinct information set of
these states. The model facilitates stochastic games with imperfect
information. The imperfect information is due to erroneous sensors leading to
incorrect perception of the current state by the players. To model this error
in perception distributed over the states, we use Euclidean distances between
outputs of the sensors. A numerical simulation of an example game is presented
to show the evaluation of rewards to the players and the preferred strategies.
We also present the conditions for formulating the strategies when dealing with
more than one attacker and making collaborations.Comment: 31 page
Interdependent Defense Games with Applications to Internet Security at the Level of Autonomous Systems
We propose interdependent defense (IDD) games, a computational game-theoretic framework to study aspects of the interdependence of risk and security in multi-agent systems under deliberate external attacks. Our model builds upon interdependent security (IDS) games, a model by Heal and Kunreuther that considers the source of the risk to be the result of a fixed randomized-strategy. We adapt IDS games to model the attacker’s deliberate behavior. We define the attacker’s pure-strategy space and utility function and derive appropriate cost functions for the defenders. We provide a complete characterization of mixed-strategy Nash equilibria (MSNE), and design a simple polynomial-time algorithm for computing all of them for an important subclass of IDD games. We also show that an efficient algorithm to determine whether some attacker’s strategy can be a part of an MSNE in an instance of IDD games is unlikely to exist. Yet, we provide a dynamic programming (DP) algorithm to compute an approximate MSNE when the graph/network structure of the game is a directed tree with a single source. We also show that the DP algorithm is a fully polynomial-time approximation scheme. In addition, we propose a generator of random instances of IDD games based on the real-world Internet-derived graph at the level of autonomous systems (≈27 K nodes and ≈100 K edges as measured in March 2010 by the DIMES project). We call such games Internet games. We introduce and empirically evaluate two heuristics from the literature on learning-in-games, best-response gradient dynamics (BRGD) and smooth best-response dynamics (SBRD), to compute an approximate MSNE in IDD games with arbitrary graph structures, such as randomly-generated instances of Internet games. In general, preliminary experiments applying our proposed heuristics are promising. Our experiments show that, while BRGD is a useful technique for the case of Internet games up to certain approximation level, SBRD is more efficient and provides better approximations than BRGD. Finally, we discuss several extensions, future work, and open problems
Decentralized Protection Strategies against SIS Epidemics in Networks
Defining an optimal protection strategy against viruses, spam propagation or
any other kind of contamination process is an important feature for designing
new networks and architectures. In this work, we consider decentralized optimal
protection strategies when a virus is propagating over a network through a SIS
epidemic process. We assume that each node in the network can fully protect
itself from infection at a constant cost, or the node can use recovery
software, once it is infected.
We model our system using a game theoretic framework and find pure, mixed
equilibria, and the Price of Anarchy (PoA) in several network topologies.
Further, we propose both a decentralized algorithm and an iterative procedure
to compute a pure equilibrium in the general case of a multiple communities
network. Finally, we evaluate the algorithms and give numerical illustrations
of all our results.Comment: accepted for publication in IEEE Transactions on Control of Network
System
- …