13 research outputs found

    Optimal Scanning Bandwidth Strategy Incorporating Uncertainty about Adversary's Characteristics

    In this paper we investigate the problem of designing a spectrum scanning strategy to detect an intelligent Invader who wants to utilize spectrum undetected for his/her unapproved purposes. To deal with this problem we model the situation as two games, between a Scanner and an Invader, and solve them sequentially. The first game is formulated to design the optimal (in maxmin sense) scanning algorithm, while the second one allows one to find the optimal values of the parameters for the algorithm depending on parameters of the network. These games provide solutions for two dilemmas that the rivals face. The Invader's dilemma consists of the following: the more bandwidth the Invader attempts to use leads to a larger payoff if he is not detected, but at the same time also increases the probability of being detected and thus fined. Similarly, the Scanner faces a dilemma: the wider the bandwidth scanned, the higher the probability of detecting the Invader, but at the expense of increasing the cost of building the scanning system. The equilibrium strategies are found explicitly and reveal interesting properties. In particular, we have found a discontinuous dependence of the equilibrium strategies on the network parameters, fine and the type of the Invader's award. This discontinuity of the fine means that the network provider has to take into account a human/social factor since some threshold values of fine could be very sensible for the Invader, while in other situations simply increasing the fine has minimal deterrence impact. Also we show how incomplete information about the Invader's technical characteristics and reward (e.g. motivated by using different type of application, say, video-streaming or downloading files) can be incorporated into scanning strategy to increase its efficiency.
    Comment: This is the last draft version of the paper. Revised version of the paper was published in EAI Endorsed Transactions on Mobile Communications and Applications, Vol. 14, Issue 5, 2014, doi=10.4108/mca.2.5.e6. arXiv admin note: substantial text overlap with arXiv:1310.724

    A Game Theoretic Approach to Modelling Jamming Attacks in Delay Tolerant Networks

    Cyberspace plays a prominent role in our social, economic and civic welfare and cyber security issues are of paramount importance today. Growing reliance of the intertwined military and civilian applications on wireless computer networks makes these networks highly vulnerable to attacks of which jamming attacks are a vital and exigent problem. In this paper, we study defence against jamming attacks as a game in a delay tolerant network, with two adversarial players: the jammer playing against the transmitter. The transmitter seeks to choose an optimal time to schedule his transmission securely, so as to maximize the probability of successful delivery before his session expires, while these transmissions are subject to inference from the jammer, who attempts to minimize this probability. We design strategies for the transmitters that offset transmission period based inference of network traffic by the jammer. We model these interactions and decisions as a game and use simulation as a tool to evaluate the games. Probability distribution functions over a finite set of strategies are proposed to compute the expected payoff of both the players. Simulation results are used to evaluate the expected payoff along with the resulting equilibrium in cases where players are biased and unbiased. These results are used to strategically decide on the optimal time for both the players, and evaluate the efficiency of the strategies used by the transmitters against jammer attacks.

    Approximation methods for infinite bayesian stackelberg games: Modeling distributional payoff uncertainty.

    Game theory is fast becoming a vital tool for reasoning about complex real-world security problems, including critical infrastructure protection. The game models for these applications are constructed using expert analysis and historical data to estimate the values of key parameters, including the preferences and capabilities of terrorists. In many cases, it would be natural to represent uncertainty over these parameters using continuous distributions (such as uniform intervals or Gaussians). However, existing solution algorithms are limited to considering a small, finite number of possible attacker types with different payoffs. We introduce a general model of infinite Bayesian Stackelberg security games that allows payoffs to be represented using continuous payoff distributions. We then develop several techniques for finding approximate solutions for this class of games, and show empirically that our methods offer dramatic improvements over the current state of the art, providing new ways to improve the robustness of security game models.

    Information security research: External hacking, insider breach, and profound technologies

    Information assets are one of the most valuable intangible productive capital for a company to compete with its rivals, to learn consumers’ shopping habits, to guide its development directions, and to stand out to retain its profitability. However, with the Internet’s characteristic of pervasiveness, information breaches from both external hacking and internal corruption are continuously encroaching on a company’s economic profit. This dissertation consists of three studies where each study investigates the different aspects of information security, and it is aimed to address the growing concern of securing a company’s information assets. The first study examines the external hackers’ behaviors and models a Bayesian game between a firm and two discrete types of hackers (domestic and international) based on the framework of Inspection Game. This study explains why external hackings, especially the international ones, are hard to prevent effectively. The second study is an empirical work and explores the other side of information security data breach, which is mainly due to insiders’ (e.g., employee) malicious deeds or noncompliance with information security policy. This study shows that individual reward and punishment together with 100% detection is the best incentive structure to reduce insider data breaches. In addition, the second study finds that individual reward is more effective than individual punishment, which can better explain why employees are more willing to spend time to comply with security policy when a reward is present. Lastly, the third study is a conceptual work and relies on the Theory of Bounded Rationality to discuss how the Blockchain technology can undermine the motivations of both external and internal intruders in order to prevent information breaches. Overall, this dissertation discusses the current issues of hacking, constructs a payment/incentive structure to regulate noncompliance, empirically tests the validity of the proposed structure, points out a solution to advance information security defense, and provides some managerial recommendations to practitioners.

    SYNERGY OF BUILDING CYBERSECURITY SYSTEMS

    The development of the modern world community is closely related to advances in computing resources and cyberspace. The formation and expansion of the range of services is based on the achievements of mankind in the field of high technologies. However, the rapid growth of computing resources and the emergence of a full-scale quantum computer tighten the requirements for security systems not only for information and communication systems, but also for cyber-physical systems and technologies. The methodological foundations of building security systems for critical infrastructure facilities based on modeling the processes of behavior of antagonistic agents in security systems are discussed in the first chapter. The concept of information security in social networks, based on mathematical models of data protection, taking into account the influence of specific parameters of the social network and the effects on the network, is proposed in the second chapter. The nonlinear relationships of the parameters of the defense system, attacks, social networks, as well as the influence of individual characteristics of users and the nature of the relationships between them, are taken into account. In the third section, practical aspects of the methodology for constructing post-quantum algorithms for asymmetric McEliece and Niederreiter cryptosystems on algebraic codes (elliptic and modified elliptic codes), their mathematical models and practical algorithms are considered. Hybrid crypto-code constructions of McEliece and Niederreiter on defective codes are proposed. They can significantly reduce the energy costs for implementation, while ensuring the required level of cryptographic strength of the system as a whole. The concept of security of corporate information and educational systems based on the construction of an adaptive information security system is proposed.
    ISBN 978-617-7319-31-2 (on-line), ISBN 978-617-7319-32-9 (print)
    How to Cite: Yevseiev, S., Ponomarenko, V., Laptiev, O., Milov, O., Korol, O., Milevskyi, S. et al.; Yevseiev, S., Ponomarenko, V., Laptiev, O., Milov, O. (Eds.) (2021). Synergy of building cybersecurity systems. Kharkiv: PC TECHNOLOGY CENTER, 188. doi: http://doi.org/10.15587/978-617-7319-31-2

    Security Games: Solution Concepts and Algorithms

    Algorithms for finding game-theoretic solutions are now used in several real-world security applications. Many of these applications are based on different but related game-theoretical models collectively known as security games. Much of the research in this area has focused on the two-player setting in which the first player (leader, defender) commits to a strategy, after which the second player (follower, attacker) observes that strategy and responds to it. This is commonly known as the Stackelberg, or leader-follower, model. If none of the players can observe the actions of the others then such a setting is called a simultaneous-move game. A common solution concept in simultaneous-move games is the Nash equilibrium (NE). In the present dissertation, we contribute to this line of research in two ways.

    First, we consider new ways of modeling commitment. We propose a new model in which the leader can commit to a correlated strategy. We show that this model is equivalent to the Stackelberg model in two-player games and is different from the existing models in games with three or more players. We propose an algorithm for computing a solution to this model in polynomial time. We also consider a leader-follower setting in which the players are uncertain about whether the follower can observe. We describe an iterative algorithm for solving such games.

    Second, we analyze the computational complexity of computing Stackelberg and NE strategies in security games. We describe algorithms to solve some variants of the security game model in polynomial time and prove NP-hardness of solving other variants of the model. We also extend the family of security games by allowing the attacker to have multiple resources. We provide an algorithm for computing an NE of such games in polynomial time, and we show that computing a Stackelberg strategy is NP-hard.

    Dissertatio