Advisor: Frank,Yeong-Sung Lin 碩一 冠廷 Influence of attacker’s target recognition ability on defense strategy in homogeneous parallel systems Gregory Levitin , Kjell Hausken 2010 Advisor: Frank,Yeong-Sung Lin 碩一 冠廷

Agenda Introduction The efforts distribution and the vulnerability of a single element The defender protects a subset of the elements, the attacker attacks all elements The defender protects a subset of the elements, the attacker attacks a subset of the undetected elements Analysis of the models Conclusions

Agenda Introduction The efforts distribution and the vulnerability of a single element The defender protects a subset of the elements, the attacker attacks all elements The defender protects a subset of the elements, the attacker attacks a subset of the undetected elements Analysis of the models Conclusions

Introduction Defender distributes its resource： 1. deploying redundant elements 2. protection a subset of the deployed system elements Attacker distributes its resource： 1. detect the unprotected elements (destroyed with negligible effort) 2. (a) evenly among all of the undetected elements (b) among elements from a chosen subset of undetected elements.

Introduction This paper studies the influence of the unprotected element detection probability on the defender’s resource distribution between providing redundancy and protecting the elements in homogeneous parallel systems.

Nomenclature

Illustration (a) evenly among all of the undetected elements (b) among elements from a chosen subset of undetected elements.

Agenda Introduction The efforts distribution and the vulnerability of a single element The defender protects a subset of the elements, the attacker attacks all elements The defender protects a subset of the elements, the attacker attacks a subset of the undetected elements Analysis of the models Conclusions

The efforts distribution and the vulnerability of a single element The vulnerability of any element using the attacker– defender contest success function: x<=r/└F/g┘ (Ng>=F & r>=Nx )

The efforts distribution and the vulnerability of a single element The defender’s objective is to minimize the expected damage using the fixed resource r for deploying system elements and protecting them. The attacker’s objective is to maximize the expected damage using the fixed resource R for attacking the elements.

Agenda Introduction The efforts distribution and the vulnerability of a single element The defender protects a subset of the elements, the attacker attacks all elements The defender protects a subset of the elements, the attacker attacks a subset of the undetected elements Analysis of the models Conclusions

Illustration (a) evenly among all of the undetected elements

The defender protects a subset of the elements, the attacker attacks all elements To decrease the expected damage it may be optimal for the defender to protect M<=N elements. The defender’s effort per element increases to t=(r-Nx)/(Ma). The attacker： 1. Tries to detect the unprotected elements and destroys all the detected unprotected elements with negligible effort.

The defender protects a subset of the elements, the attacker attacks all elements 2. distributes its effort evenly among the remaining elements (protected ones and undetected unprotected ones) (N-h) Let q be the probability that an unprotected element is detected correctly.

The defender protects a subset of the elements, the attacker attacks all elements The probability that the attacker detects correctly h out of N-M unprotected elements is： Each one of the M protected elements is destroyed with probability ：

The defender protects a subset of the elements, the attacker attacks all elements The probability that k out of M protected elements are destroyed is The probability that exactly N-M+k elements are destroyed by the attack is

The defender protects a subset of the elements, the attacker attacks all elements The expected damage caused by the attack The defender chooses its two free choice variables N and M minimize the expected damage D. The attacker maximizes D. 若g(M-k) > F 表系統能順利運作，故產生的Damage=0; 若g(M-k) < F 表系統無法順利運作，故F-g(M-k)表damage 大小

The defender protects a subset of the elements, the attacker attacks all elements The optimal values M* and N* of M and N can be obtained

Agenda Introduction The efforts distribution and the vulnerability of a single element The defender protects a subset of the elements, the attacker attacks all elements The defender protects a subset of the elements, the attacker attacks a subset of the undetected elements Analysis of the models Conclusions

Illustration

The attacker attacks a subset of the undetected elements The probability Hs that exactly s elements are destroyed by the attack on Q elements randomly chosen from the set of undetected elements comprising M protected and N-h-M unprotected elements can be obtained as s=Q-f+k => k=s+f-Q (其中Q-f 為未被保護的元素)

The attacker attacks a subset of the undetected elements Damage caused by the attack Assume that for any h the attacker can choose the value of Q=Q*(h) that maximizes the expected damage 若g(N-h-s) > F 表系統能順利運作，故產生的Damage=0; 若g(N-h-s) < F 表系統無法順利運作，故F-g(M-k)表damage 大小

The attacker attacks a subset of the undetected elements

The attacker attacks a subset of the undetected elements The defender chooses N and M to minimize the expected damage D Assume：the attacker chooses for any h the optimal value of Q that maximizes the expected damage d(h,Q).

The attacker attacks a subset of the undetected elements

Agenda Introduction The efforts distribution and the vulnerability of a single element The defender protects a subset of the elements, the attacker attacks all elements The defender protects a subset of the elements, the attacker attacks a subset of the undetected elements Analysis of the models Conclusions

Analysis of the models The first analysis： 1. x=0.3 2. Ɛ=1 3. R=1 5. g=2 6. F=6 7. The attacker attacks all the elements. => N>=3 M*, N*,D as functions of q and m

Analysis of the models

Analysis of the models The second analysis： 1. x=0.6 2. Ɛ=1 3. R=1 5. g=2 6. F=6 7. The attacker attacks all the elements. => N>=3 M*, N*,D as functions of q and m.

Analysis of the models

Analysis of the models The third analysis： 1. x=0.9 2. Ɛ=1 3. R=1 5. g=2 6. F=6 7. The attacker attacks all the elements. => N>=3 M*, N*,D as functions of q and m.

Analysis of the models

Analysis of the models The fourth analysis： 1. x=0.3 2. Ɛ=1 3. R=1 5. g=2 6. F=6 7. The attacker attacks optimal number of elements. => N>=3 M*, N*,D,Q*(0) as functions of q and m.

Analysis of the models

Analysis of the models The fifth analysis： 1. x=0.6 2. Ɛ=1 3. R=1 5. g=2 6. F=6 7. The attacker attacks optimal number of elements. => N>=3 M*, N*,D,Q*(0) as functions of q and m.

Analysis of the models

Agenda Introduction The efforts distribution and the vulnerability of a single element The defender protects a subset of the elements, the attacker attacks all elements The defender protects a subset of the elements, the attacker attacks a subset of the undetected elements Analysis of the models Conclusions

Conclusions This paper considers optimal defense resource distribution between two main actions： 1. deployment of separated redundant system elements 2. protection

Conclusions Attacker distributes its resource： 1. detect the unprotected elements (destroyed with negligible effort) 2. (a) evenly among all of the undetected elements (b) among elements from a chosen subset of undetected elements.

Conclusions With low q the defender may deploy many elements without necessarily protecting all of them. The higher probability of correct detection for the attacker makes it more important for the defender to protect more elements.

Conclusions The expected damage is insensitive to q when the number of protected elements equals the number of deployed elements. Free choice of the number of attacked elements makes the defense strategy more sensitive to q. The decrease of the contest intensity makes the defense strategy insensitive to q because in this case the defender protects all the elements.

Thanks for your listening.