3,566 research outputs found
Game Theory Meets Network Security: A Tutorial at ACM CCS
The increasingly pervasive connectivity of today's information systems brings
up new challenges to security. Traditional security has accomplished a long way
toward protecting well-defined goals such as confidentiality, integrity,
availability, and authenticity. However, with the growing sophistication of the
attacks and the complexity of the system, the protection using traditional
methods could be cost-prohibitive. A new perspective and a new theoretical
foundation are needed to understand security from a strategic and
decision-making perspective. Game theory provides a natural framework to
capture the adversarial and defensive interactions between an attacker and a
defender. It provides a quantitative assessment of security, prediction of
security outcomes, and a mechanism design tool that can enable
security-by-design and reverse the attacker's advantage. This tutorial provides
an overview of diverse methodologies from game theory that includes games of
incomplete information, dynamic games, mechanism design theory to offer a
modern theoretic underpinning of a science of cybersecurity. The tutorial will
also discuss open problems and research challenges that the CCS community can
address and contribute with an objective to build a multidisciplinary bridge
between cybersecurity, economics, game and decision theory
Securing SDN controlled IoT Networks Through Edge-Blockchain
The Internet of Things (IoT) connected by Software Defined Networking (SDN) promises to bring great benefits to cyber-physical systems. However, the increased attack surface offered by the growing number of connected vulnerable devices and separation of SDN control and data planes could overturn the huge benefits of such a system. This paper addresses the vulnerability of the trust relationship between the control and data planes. To meet this aim, we propose an edge computing based blockchain-as-a-service (BaaS), enabled by an external BaaS provider. The proposed solution provides verification of inserted flows through an efficient, edge-distributed, blockchain solution. We study two scenarios for the blockchain reward purpose: (a) information symmetry, in which the SDN operator has direct knowledge of the real effort spent by the BaaS provider; and (b) information asymmetry, in which the BaaS provider controls the exposure of information regarding spent effort. The latter yields the so called “moral hazard”, where the BaaS may claim higher than actual effort. We develop a novel mathematical model of the edge BaaS solution; and propose an innovative algorithm of a fair reward scheme based on game theory that takes into account moral hazard. We evaluate the viability of our solution through analytical simulations. The results demonstrate the ability of the proposed algorithm to maximize the joint profits of the BaaS and the SDN operator, i.e. maximizing the social welfare
- …