Nonfunctional Requirements Validation-A Game Theoretic Approach

Abstract-Network Security requirements have recently gained widespread attention in the requirements engineering community. Despite this, it is not yet clear how to systematically validate these requirements given the complexity and uncertainty characterizing modern networks. Traditionally, network security requirements specification has been the results of a reactive process. This however, limited the immunity property of the software systems that depended on these networks. Security requirements specification prerequisite a proactive approach. Networks' infrastructure is constantly under attack by hackers and malicious software that aim to break into computers. To combat these threats, network designers need sophisticated security validation techniques that will guarantee the minimum level of security for their future networks. To that end, this paper presents a game-theoretic approach to security requirements validation. An introduction to game theory is presented along with a case study that demonstrates the application of the approach in a hypothetical network topology

Security in network games

Attacks on the Internet are characterized by several alarming trends: 1) increases in frequency; 2) increases in speed; and 3) increases in severity. Modern computer worms simply propagate too quickly for human detection. Since attacks are now occurring at a speed which prevents direct human intervention, there is a need to develop automated defenses. Since the financial, social and political stakes are so high, we need defenses which are provably good against worst case attacks and are not too costly to deploy. In this dissertation we present two approaches to tackle these problems. For the first part of the dissertation we consider a game between an alert and a worm over a large network. We show, for this game, that it is possible to design an algorithm for the alerts that can prevent any worm from infecting more than a vanishingly small fraction of the nodes with high probability. Critical to our result is designing a communication network for spreading the alerts that has high expansion. The expansion of the network is related to the gap between the 1st and 2nd eigenvalues of the adjacency matrix. Intuitively high expansion ensures redundant connectivity. We also present results simulating our algorithm on networks of size up to $2^{25}$. In the second part of this dissertation we consider the virus inoculation game which models the selfish behavior of the nodes involved. We present a technique for this game which makes it possible to achieve the \u27windfall of malice\u27 even without the actual presence of malicious players. We also show the limitations of this technique for congestion games that are known to have a windfall of malice

Management and Services

Management in all business areas and organisational activities are the acts of getting people together to accomplish desired goals and objectives. Service is intangible, therefore, it is not too easy to define the theory application in varieties of service industries. Service Management usually incorporates automated systems along with skilled labour; it also provides service development. Due to enormous demand of service industries and management development, the book under the title "Management and Services" would create a milestone in management arena for all categories of readers including Business Administration, Engineering and Architecture. This book covers educational service development, service-oriented-architecture and case research analysis, including theory application in network security, GRID technology, integrated circuit application. The book is comprised of five chapters and has been divided into two parts. Part A contains chapters on service development in educational institutions and it depicts the application of supply chain management concept in service industries like tertiary educational institutions and multiple ways of web 2.0 applications transforming learning patterns and pathways. To understand the subject in a practical manner, Part B of this book consists of noteworthy case studies and research papers on management and services and represents theory application of Data mining, Fuzzy Cluster, Game theory, GRID Technology, simulation of Operational Amplifier and Current Controlled Conveyor II in network security, architecture, and integrated circuit application

Stochastic Games on Graphs

Tohoku University田中一之課

A Network Game with Attacker and Protector Entities

Consider an information network with harmful procedures called attackers (e.g., viruses); each attacker uses a probability distribution to choose a node of the network to damage. Opponent to the attackers is the system protector scanning and cleaning from attackers some part of the network (e.g., an edge or a path), which it chooses independently using another probability distribution. Each attacker wishes to maximize the probability of escaping its cleaning by the system protector; towards a conflicting objective, the system protector aims at maximizing the expected number of cleaned attackers. We model this network scenario as a non-cooperative strategic game on graphs. We focus on the special case where the protector chooses a single edge. We are interested in the associated Nash equilibria, where no network entity can unilaterally improve its local objective. We obtain the following results: • No instance of the game possesses a pure Nash equilibrium. • Every mixed Nash equilibrium enjoys a graph-theoretic structure, which enables a (typically exponential) algorithm to compute it