Development and analysis of game-theoretical models of security systems agents interaction
DOI:
https://doi.org/10.15587/1729-4061.2020.201418
Keywords:
game theory, cybersecurity, Stackelberg games, Nash games, game equilibrium, strategy
Abstract
A game-theoretic approach is presented, which claims to be a universal method for solving most problems in the field of cybersecurity. The arguments highlighted to confirm the superiority of game theory are: the mathematical validity and provable optimality of the decisions made, unlike the widely used heuristics; the possibility of developing reliable protection based on analytical results; ensuring a timely response to cyberattacks under conditions of limited resources; and the distributed nature of decision making.
The definitions of the basic concepts used in security tasks based on game-theoretic models are introduced.
The features of the application of game theory methods in the field of cybersecurity are listed and the limitations of research in this area are formulated, namely: a restriction on game strategies, simultaneous moves of players in the behavior patterns of security system agents, uncertainty about the time at which the players make a move, uncertainty about the final goal of the enemy, unpredictability of further player moves, the players' lack of an assessment of the enemy's resources as well as of its ultimate goals, and the inability to assess the current state of the game in a timely manner.
The game-theoretic models are aligned with the listed security problems, and the main solutions obtained as a result of using the corresponding models are also determined.
Many methods of game theory have been formed, for each of which a relationship is determined between the game model, its scope, simulation result and security services that the method under consideration supports.
The limitations of the classical representation of game theory models are determined, the need to overcome which follows from the requirements for providing basic security services. Such limitations include: the ability of the defender to detect attacks, the certainty of the probabilities of a change of state before the start of the game, the synchronism of the players’ moves, the inability to scale the model due to the size and complexity of the system under consideration.
Models of the main tasks of the interaction of antagonistic agents of security systems have been developed. The resulting models made it possible to obtain solutions to two of the most common tasks in the field of cybersecurity, namely, the interaction of the system administrator and the attacker in organizing the protection of information resources. The tasks are solved for two sets of conditions: the game matrix contains cost estimates of resources, and the matrix reflects the probability of threat realization. Pure and mixed strategies are defined for various initial conditions, which makes it possible to exclude from consideration the strategies that are not included in the solution.
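The administrator-versus-attacker matrix game described above can be worked through as follows. This is an added example, not code or data from the paper: the cost matrix is constructed, and the zero-sum convention (each entry is the administrator's loss and the attacker's gain) is an assumption. It finds a pure-strategy saddle point if one exists; otherwise it removes strictly dominated strategies and solves the remaining 2x2 game in mixed strategies.

```python
from fractions import Fraction

# Constructed example: LOSS[i][j] is the administrator's loss (the attacker's
# gain) when the administrator picks measure i and the attacker picks action j.
LOSS = [
    [2, 6, 1],
    [5, 3, 2],
    [6, 7, 4],
]

def saddle_point(loss):
    """Return (row, col, value) of a pure-strategy equilibrium, or None."""
    row_worst = [max(r) for r in loss]        # worst loss of each defence
    col_floor = [min(c) for c in zip(*loss)]  # guaranteed gain of each attack
    upper, lower = min(row_worst), max(col_floor)
    if upper != lower:
        return None
    return row_worst.index(upper), col_floor.index(lower), upper

def eliminate_dominated(loss):
    """Iteratively drop strictly dominated rows and columns; return survivors."""
    rows, cols = list(range(len(loss))), list(range(len(loss[0])))
    changed = True
    while changed:
        changed = False
        for i in rows:  # a defence is dominated if another always costs less
            if any(k != i and all(loss[k][j] < loss[i][j] for j in cols) for k in rows):
                rows.remove(i)
                changed = True
                break
        for j in cols:  # an attack is dominated if another always gains more
            if any(m != j and all(loss[i][m] > loss[i][j] for i in rows) for m in cols):
                cols.remove(j)
                changed = True
                break
    return rows, cols

def solve(loss):
    """Equilibrium strategies (index -> probability) and the value of the game."""
    sp = saddle_point(loss)
    if sp is not None:
        i, j, v = sp
        return {"defender": {i: Fraction(1)}, "attacker": {j: Fraction(1)},
                "value": Fraction(v)}
    rows, cols = eliminate_dominated(loss)
    if len(rows) != 2 or len(cols) != 2:
        raise ValueError("reduced game is not 2x2; a linear program is needed")
    (a, b), (c, d) = [[Fraction(loss[i][j]) for j in cols] for i in rows]
    den = a - b - c + d          # non-zero when the 2x2 game has no saddle point
    p = (d - c) / den            # makes the attacker indifferent between columns
    q = (d - b) / den            # makes the defender indifferent between rows
    return {"defender": {rows[0]: p, rows[1]: 1 - p},
            "attacker": {cols[0]: q, cols[1]: 1 - q},
            "value": (a * d - b * c) / den}

if __name__ == "__main__":
    print(solve(LOSS))
```

In the constructed matrix the third defence and the third attack are strictly dominated, so they drop out of the solution, which is the exclusion of unused strategies that the abstract refers to.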
A synergistic approach to the use of game-theoretic modeling was formed taking into account the behavior of agents of security systems, based on an analysis of the diversity and characteristics of game-theoretic models, their inherent limitations and scope.
License
Copyright (c) 2020 Serhii Yevseiev, Oleksandr Milov, Stanislav Milevskyi, Oleksandr Voitko, Maksym Kasianenko, Yevgen Melenti, Serhii Pohasii, Hrygorii Stepanov, Oleksandr Turinskyi, Serhii Faraon
This work is licensed under a Creative Commons Attribution 4.0 International License.