Game Theory Meets Network Security: A Tutorial at ACM CCS
The increasingly pervasive connectivity of today's information systems brings
up new challenges to security. Traditional security has come a long way
toward protecting well-defined goals such as confidentiality, integrity,
availability, and authenticity. However, with the growing sophistication of the
attacks and the complexity of the system, the protection using traditional
methods could be cost-prohibitive. A new perspective and a new theoretical
foundation are needed to understand security from a strategic and
decision-making perspective. Game theory provides a natural framework to
capture the adversarial and defensive interactions between an attacker and a
defender. It provides a quantitative assessment of security, prediction of
security outcomes, and a mechanism design tool that can enable
security-by-design and reverse the attacker's advantage. This tutorial provides
an overview of diverse methodologies from game theory that includes games of
incomplete information, dynamic games, mechanism design theory to offer a
modern theoretic underpinning of a science of cybersecurity. The tutorial will
also discuss open problems and research challenges that the CCS community can
address and contribute with an objective to build a multidisciplinary bridge
between cybersecurity, economics, game and decision theory.
Active Cyber Defense Dynamics Exhibiting Rich Phenomena
The Internet is a man-made complex system under constant attacks (e.g.,
Advanced Persistent Threats and malware). It is therefore important to
understand the phenomena that can be induced by the interaction between cyber
attacks and cyber defenses. In this paper, we explore the rich phenomena that
can be exhibited when the defender employs active defense to combat cyber
attacks. To the best of our knowledge, this is the first study that shows that
active cyber defense dynamics (or more generally, cybersecurity
dynamics) can exhibit the bifurcation and chaos phenomena. This has profound
implications for cyber security measurement and prediction: (i) it is
infeasible (or even impossible) to accurately measure and predict cyber
security under certain circumstances; (ii) the defender must manipulate the
dynamics to avoid such unmanageable situations in real-life defense
operations.
Comment: Proceedings of 2015 Symposium on the Science of Security (HotSoS'15)
Allocating Limited Resources to Protect a Massive Number of Targets using a Game Theoretic Model
Resource allocation is the process of optimizing the rare resources. In the
area of security, how to allocate limited resources to protect a massive number
of targets is especially challenging. This paper addresses this resource
allocation issue by constructing a game theoretic model. A defender and an
attacker are players and the interaction is formulated as a trade-off between
protecting targets and consuming resources. The action cost which is a
necessary role of consuming resource, is considered in the proposed model.
Additionally, a bounded rational behavior model (Quantal Response, QR), which
simulates a human attacker of the adversarial nature, is introduced to improve
the proposed model. To validate the proposed model, we compare the different
utility functions and resource allocation strategies. The comparison results
suggest that the proposed resource allocation strategy performs better than
others in the perspective of utility and resource effectiveness.
Comment: 14 pages, 12 figures, 41 references
Hidden and Uncontrolled - On the Emergence of Network Steganographic Threats
Network steganography is the art of hiding secret information within innocent
network transmissions. Recent findings indicate that novel malware is
increasingly using network steganography. Similarly, other malicious activities
can profit from network steganography, such as data leakage or the exchange of
pedophile data. This paper provides an introduction to network steganography
and highlights its potential application for harmful purposes. We discuss the
issues related to countering network steganography in practice and provide an
outlook on further research directions and problems.
Comment: 11 pages