Game theory in network security


Published on

This is a simple presentation on Game Theory in Network Security. I made it when I was searching for research points for my Master degree. Still searching for other research points. Any suggestions on research points in network security or network architecture? :)

Published in: Technology
  • thank you very much man , this very terse
    Are you sure you want to  Yes  No
    Your message goes here
  • it really help full for me...
    Are you sure you want to  Yes  No
    Your message goes here
No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Game theory in network security

  1. 1. 
  2. 2. Agenda:•Introduction•What is The Game Theory?•Games Classifications•Game Theory and Network Security•Examples on Game Theory in Network Security•Limitations of Game Theory and directions of research
  3. 3. Introduction:• Networks today: • Personal • Business and governments (more advanced security)• Security Devices: • Preventive (Firewalls) • Reactive (Anti-viruses and IDSs)
  4. 4. Intrusion Detection System(IDS): • Monitors the system • Determine the occurrence of attacks • Notify network administrator or takes decision on it’s own (Intrusion Prevention System IPS)
  5. 5. Problems with IDSs:Not sophisticated enough: • Source Address • Encrypted Packets • False AlarmsSuggested Solution is GAME THEORY
  6. 6. What is Game Theory?• The study of strategic decision making.• A mathematical tool used to describe and solve games depending on 4 basic elements: 1. Players: The entities involved in the game whether human, animal, devices, organizations or any objects that can interact with each other.
  7. 7. 2. Actions:In each move, a player takes an action.Game theory assumes that each player knowsthe possible action of other player(s).3. Payoff:The return of each player.It might be positive or negative.4. Strategies:A player’s strategy is their plan ofaction that specifies which actionto take based on their knowledge ofaction history.
  8. 8. Types of Games:According to the past four elements, games can beclassified into:1- Cooperative and non-cooperative:Players can communicate while planning in a cooperativegame. In non-cooperative games this is not allowed. Mostlythis classification is not considered a game classification.2- Symmetric and asymmetric:Payoffs depend on the strategy not theplayer in a symmetric game. In asymmetricgames, payoffs depend on the player.
  9. 9. Types of Games:3- Zero- sum and non-zero -sum:A player wins the amount loosed bythe opponent in a zero sum game.No increasing or decreasing inresources.4- Simultaneous and Sequential:Simultaneous games are games whereplayers move simultaneously,or if they do not move simult-aneously, the later players areunaware of the earlier players actions.Sequential games (or dynamic games)are games where later players have someknowledge about earlier actions.
  10. 10. Types of Games:5- Perfect information and imperfectinformation:A game is one of perfect information if all playersknow the moves previously made byall other players. Thus, only sequentialgames can be games of perfectinformation because players insimultaneous games do not knowthe actions of the other players.6- Combinatorial gamesGames in which the difficulty of findingan optimal strategy comes from themultiplicity of possible moves.
  11. 11. Game Theory in NetworkSecurity:The main scenario:Attackers launch attacks onnetwork or computer systems,and defenders respond to these attacks.Main entities:• System• Attacker• IDS or virtual sensors• Defender
  12. 12. Security and Privacy Games inComputer Networks:Security of physical and MAC layers:Zero- sum game.Required by attacker:Denial of service.Required by defender:Communication of transmitterand receiver.Problem model:• R(T, R, J)• Transmitter and receiver seek to minimize R ( transmitter can amplify the signal).• Attacker seeks to maximize R ( can add noise).
  13. 13. Security and Privacy Games inComputer Network:IDS Configuration:Stochastic GameParameters to be modeled:• Monetary value of protected assets (w)• Detection rate (d) and false alarm rate (f)• Cost of attacking (ca) and monitoring (cm)• Probability of a node being malicious (m)Suggested mathematical model:m < [(1+f)w+cm]/(2d+f-1)w
  14. 14. Security and Privacy Games inComputer Networks:Collaborative IDS Networks:Modeling is based on trusted value or previouscollaborative history.
  15. 15. Directions of Research andLimitations:Research:• Building game models for 3 or more players.• Development of proper payoff functions.• Wireless NetworksLimitations:• Ad hoc scheme that depends on the case and application itself.• An IDS’s ability to detect attacks plays an important role in security games modeling.• Agents aren’t fully rational.• How to assess and quantify network security? (“ We are doomed if we don’t apply more security”/ “no need to worry, everythingis fine.”)
  16. 16. References:Paper:1- Game Theory for Network SecurityXiannuan Liang and Yang Xiao, Senior Member, IEEE20132- Game Theory Meets Network Security and Privacy• Mohammad Hossein Manshaeiy, Isfahan University of Technology (IUT), Iran• Quanyan Zhu, University of Illinois at Urbana-Champaign (UIUC), USA• Tansu Alpcanz, University of Melbourne, Australia• Tamer Basar, University of Illinois at Urbana-Champaign (UIUC), USA• Jean-Pierre Hubaux, Ecole Polytechnique Federale de Lausanne (EPFL), Switzerland 2011Links:For more on Game Theory and more game approaches: International Conference on Game Theory for Networks:
  17. 17. Thank you