53 research outputs found
Compact Representation of Value Function in Partially Observable Stochastic Games
Value methods for solving stochastic games with partial observability model
the uncertainty about states of the game as a probability distribution over
possible states. The dimension of this belief space is the number of states.
For many practical problems, for example in security, there are exponentially
many possible states which causes an insufficient scalability of algorithms for
real-world problems. To this end, we propose an abstraction technique that
addresses this issue of the curse of dimensionality by projecting
high-dimensional beliefs to characteristic vectors of significantly lower
dimension (e.g., marginal probabilities). Our two main contributions are (1)
novel compact representation of the uncertainty in partially observable
stochastic games and (2) novel algorithm based on this compact representation
that is based on existing state-of-the-art algorithms for solving stochastic
games with partial observability. Experimental evaluation confirms that the new
algorithm over the compact representation dramatically increases the
scalability compared to the state of the art
Modeling Security and Cooperation in Wireless Networks Using Game Theory
This research involves the design, development, and theoretical demonstration of models resulting in integrated misbehavior resolution protocols for ad hoc networked devices. Game theory was used to analyze strategic interaction among independent devices with conflicting interests. Packet forwarding at the routing layer of autonomous ad hoc networks was investigated. Unlike existing reputation based or payment schemes, this model is based on repeated interactions. To enforce cooperation, a community enforcement mechanism was used, whereby selfish nodes that drop packets were punished not only by the victim, but also by all nodes in the network. Then, a stochastic packet forwarding game strategy was introduced. Our solution relaxed the uniform traffic demand that was pervasive in other works. To address the concerns of imperfect private monitoring in resource aware ad hoc networks, a belief-free equilibrium scheme was developed that reduces the impact of noise in cooperation. This scheme also eliminated the need to infer the private history of other nodes. Moreover, it simplified the computation of an optimal strategy. The belief-free approach reduced the node overhead and was easily tractable. Hence it made the system operation feasible. Motivated by the versatile nature of evolutionary game theory, the assumption of a rational node is relaxed, leading to the development of a framework for mitigating routing selfishness and misbehavior in Multi hop networks. This is accomplished by setting nodes to play a fixed strategy rather than independently choosing a rational strategy. A range of simulations was carried out that showed improved cooperation between selfish nodes when compared to older results. Cooperation among ad hoc nodes can also protect a network from malicious attacks. In the absence of a central trusted entity, many security mechanisms and privacy protections require cooperation among ad hoc nodes to protect a network from malicious attacks. Therefore, using game theory and evolutionary game theory, a mathematical framework has been developed that explores trust mechanisms to achieve security in the network. This framework is one of the first steps towards the synthesis of an integrated solution that demonstrates that security solely depends on the initial trust level that nodes have for each other
Honeypot Allocation for Cyber Deception in Dynamic Tactical Networks: A Game Theoretic Approach
Honeypots play a crucial role in implementing various cyber deception
techniques as they possess the capability to divert attackers away from
valuable assets. Careful strategic placement of honeypots in networks should
consider not only network aspects but also attackers' preferences. The
allocation of honeypots in tactical networks under network mobility is of great
interest. To achieve this objective, we present a game-theoretic approach that
generates optimal honeypot allocation strategies within an attack/defense
scenario. Our proposed approach takes into consideration the changes in network
connectivity. In particular, we introduce a two-player dynamic game model that
explicitly incorporates the future state evolution resulting from changes in
network connectivity. The defender's objective is twofold: to maximize the
likelihood of the attacker hitting a honeypot and to minimize the cost
associated with deception and reconfiguration due to changes in network
topology. We present an iterative algorithm to find Nash equilibrium strategies
and analyze the scalability of the algorithm. Finally, we validate our approach
and present numerical results based on simulations, demonstrating that our game
model successfully enhances network security. Additionally, we have proposed
additional enhancements to improve the scalability of the proposed approach.Comment: This paper accepted in 14th International Conference on Decision and
Game Theory for Security, GameSec 202
Transfer Learning for Detecting Unknown Network Attacks
Network attacks are serious concerns in today’s increasingly interconnected society. Recent studies have applied conventional machine learning to network attack detection by learning the patterns of the network behaviors and training a classification model. These models usually require large labeled datasets; however, the rapid pace and unpredictability of cyber attacks make this labeling impossible in real time. To address these problems, we proposed utilizing transfer learning for detecting new and unseen attacks by transferring the knowledge of the known attacks. In our previous work, we have proposed a transfer learning-enabled framework and approach, called HeTL, which can find the common latent subspace of two different attacks and learn an optimized representation, which was invariant to attack behaviors’ changes. However, HeTL relied on manual pre-settings of hyper-parameters such as relativeness between the source and target attacks. In this paper, we extended this study by proposing a clustering-enhanced transfer learning approach, called CeHTL, which can automatically find the relation between the new attack and known attack. We evaluated these approaches by stimulating scenarios where the testing dataset contains different attack types or subtypes from the training set. We chose several conventional classification models such as decision trees, random forests, KNN, and other novel transfer learning approaches as strong baselines. Results showed that proposed HeTL and CeHTL improved the performance remarkably. CeHTL performed best, demonstrating the effectiveness of transfer learning in detecting new network attacks
Optimal deployments of defense mechanisms for the internet of things
Internet of Things (IoT) devices can be exploited by the attackers as entry points to break into the IoT networks without early detection. Little work has taken hybrid approaches that combine different defense mechanisms in an optimal way to increase the security of the IoT against sophisticated attacks. In this work, we propose a novel approach to generate the strategic deployment of adaptive deception technology and the patch management solution for the IoT under a budget constraint. We use a graphical security model along with three evaluation metrics to measure the effectiveness and efficiency of the proposed defense mechanisms. We apply the multi-objective genetic algorithm (GA) to compute the {\em Pareto optimal} deployments of defense mechanisms to maximize the security and minimize the deployment cost. We present a case study to show the feasibility of the proposed approach and to provide the defenders with various ways to choose optimal deployments of defense mechanisms for the IoT. We compare the GA with the exhaustive search algorithm (ESA) in terms of the runtime complexity and performance accuracy in optimality. Our results show that the GA is much more efficient in computing a good spread of the deployments than the ESA, in proportion to the increase of the IoT devices
- …