Risk Models and Controlled Mitigation of IT Security. R. Ann Miura-Ko, Stanford University, February 27, 2009.

Attackers and Defenders
Attackers:
▫ Malicious Attackers
▫ Denial of Service
▫ Viruses and Worms
▫ Data sniffing / spoofing
▫ Unauthorized Access
▫ Malware / Trojans
▫ Port scanning
Defenders:
▫ Policies
▫ Firewalls
▫ Intrusion Detection
▫ Anti-Virus Software
▫ Authentication / Authorization
▫ Encryption
▫ Backup / Redundancy

Thesis Overview
Mathematical modeling of IT risk encompasses a large and relatively uncharted territory.
Modeled selected anchor points within the space, focused on different levels of decision making:
▫ Inter-organization and industry level investments: how do organizations invest their limited resources given the relationships they have with one another?
▫ Enterprise level resource allocation: given an IT budget, how should a manager spend those resources over time?
▫ Physical layer control: how do you design the physical infrastructure to meet reliability and security requirements?

Motivating Example: Web Authentication
▫ Same / similar username and password for multiple sites
▫ Security not equally important to all sites
▫ Shared risk for all

Literature Background
Interdependent Security
▫ IT Security Leads to Externalities: Camp (2004)
▫ Tipping Point for Investments: Kunreuther and Heal (2003)
▫ Free Riding: Varian (2004)
Network Game Theory
▫ Network Games: Galeotti et al. (2006)
▫ Linear Influence Network Games: Ballester and Calvó-Armengol (2007)

Model Fundamentals
Companies make investments in security
Companies have complex interdependencies
▫ Complementarities and competition
▫ Leads to positive and negative interactions
Who invests and how much?
Can we improve this equilibrium?
What does the model say about policy?

Network Model
Network = Directed Graph
▫ Nodes = decision making agents
▫ Links = influence / interaction
▫ Weights = degree of influence

Incentive Model
Each agent, i, selects investment x_i
Security of i determined by total effective investment:
Benefit received by agent i:
Cost of investment:
Net benefit:

How will agents react?
Single stage game of complete information
All agents maximize their utility function:
b_i is where the marginal cost = marginal benefit for agent i
[Figure: V_i plotted against x_i; the cost line has slope c_i and the crossing point is b_i]
If the neighbors' contribution > b_i, then x_i = 0
If the neighbors' contribution < b_i, then x_i = the difference

What is an equilibrium?
Nash Equilibrium
▫ Stable point (vector of investments) at which no agent has an incentive to change their current strategy
▫ This happens when:
▫ Leverage the Linear Complementarity literature

Existence and Uniqueness
Proposition 1: If W is strictly diagonally dominant, then there exists a unique Nash Equilibrium for the proposed game.
Proof: Follows from the standard LCP result that any P-matrix (one with all principal minors positive) yields a unique solution to the linear complementarity problem. We simply show that such a W matrix is a P-matrix.

Convergence
Proposition 2: If W is strictly diagonally dominant, then asynchronous best response dynamics converge to the unique Nash Equilibrium from any starting point x(0) > 0.
The best response dynamics are described by:
Proof: Follows from standard LCP results, which provide a synchronous algorithm. Using the Asynchronous Convergence Theorem (Bertsekas), we can establish that the asynchronous best response dynamics (ABRD) also converge.

Free Riding
One measure of contribution relative to what they need, the free riding index:
Another measure of relative contribution allows for network effects to be taken into account, the fair share index:
[Formula annotations from the slide: contribution of player i if all players are isolated; contribution of player i in the networked environment; investment made by i with no neighbors; impact of neighbors' investments]

Web Authentication Example Utility function:

Improving the Equilibrium
Theorem 1: Suppose x_i > 0 and x_j > 0 for some i ≠ j. Then there exist continuous trajectories W(t) = (w_kl(t)) and x*(t) = (x_k(t)) with t ∈ [0, T] such that:
1. x*(0) = x*, W(0) = W
2. x*(t) is the (unique) equilibrium under W(t) for all t
3. x_i(t) and x_j(t) are strictly decreasing in t
4. x_k(t) is constant for all k ∉ {i, j} and all t
5. W(t) is component-wise differentiable and increasing in t (weakly, in magnitude)

Improving the Equilibrium
Proof sketch of Theorem 1:
[Figure: the network split into Group A and Group B]
▫ Observe: if the effective investments over the purple links are not changed, the investments in Group B will not change
▫ Pick 2 nodes: i, j
▫ For k ∉ {i, j}:

Improvements to Equilibrium
A linear increase in the strength of the links results in a nonlinear decrease in the investments of nodes 1 and 2.
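The following is an added, runnable illustration of the model in the "How will agents react?", "Existence and Uniqueness", "Convergence" and "Improvements to Equilibrium" slides above; it is example code written for this page, not code from the thesis. It assumes an influence matrix W with unit diagonal, the best-response rule x_i = max(0, b_i - sum over j ≠ i of w_ij x_j) read off the "How will agents react?" slide, and a constructed three-site web-authentication network (one high-risk site, two low-risk sites sharing users' passwords). The asynchronous best-response loop updates one agent at a time, the LCP check confirms the fixed point is a Nash equilibrium, and the link-strengthening function simply scales w_12 and w_21; that shows the direction of the effect on the "Improvements" slide but is not Theorem 1's trajectory, which also adjusts other weights so that every other agent's investment stays constant.

```python
"""Linear influence network security game: asynchronous best-response dynamics.

Added example (not from the original slides). Assumed model, following the
slides' verbal description:
  * W is the influence matrix with unit diagonal (w_ii = 1, an assumption);
    w_ij is how much agent j's investment protects agent i;
  * b_i is agent i's stand-alone investment (marginal cost = marginal benefit);
  * best response: x_i = max(0, b_i - sum_{j != i} w_ij x_j).
The network and the numbers below are constructed for illustration.
"""
from typing import List, Optional, Tuple

Matrix = List[List[float]]
Vector = List[float]


def is_strictly_diagonally_dominant(W: Matrix) -> bool:
    """Condition of Propositions 1 and 2: |w_ii| > sum_{j != i} |w_ij| in every row."""
    n = len(W)
    return all(abs(W[i][i]) > sum(abs(W[i][j]) for j in range(n) if j != i)
               for i in range(n))


def best_response(i: int, x: Vector, W: Matrix, b: Vector) -> float:
    """Agent i's reply to profile x: invest the shortfall below b_i, or nothing."""
    neighbours = sum(W[i][j] * x[j] for j in range(len(x)) if j != i)
    return max(0.0, (b[i] - neighbours) / W[i][i])


def asynchronous_best_response(W: Matrix, b: Vector, x0: Optional[Vector] = None,
                               tol: float = 1e-10, max_sweeps: int = 10_000) -> Tuple[Vector, int]:
    """Asynchronous best-response dynamics: agents update one at a time, each
    seeing the others' latest investments. Returns (profile, sweeps used)."""
    if not is_strictly_diagonally_dominant(W):
        raise ValueError("W is not strictly diagonally dominant: no uniqueness/convergence guarantee")
    x = list(x0) if x0 is not None else [1.0] * len(b)   # any x(0) > 0
    for sweep in range(1, max_sweeps + 1):
        delta = 0.0
        for i in range(len(x)):
            new = best_response(i, x, W, b)
            delta = max(delta, abs(new - x[i]))
            x[i] = new
        if delta < tol:
            return x, sweep
    raise RuntimeError("best-response dynamics did not converge")


def is_nash_equilibrium(W: Matrix, b: Vector, x: Vector, tol: float = 1e-8) -> bool:
    """LCP check: x >= 0, W x - b >= 0 and x_i * (W x - b)_i = 0 for every i."""
    n = len(x)
    for i in range(n):
        slack = sum(W[i][j] * x[j] for j in range(n)) - b[i]
        if x[i] < -tol or slack < -tol or abs(x[i] * slack) > tol:
            return False
    return True


def equilibrium_with_scaled_link(W: Matrix, b: Vector, i: int, j: int, alpha: float) -> Vector:
    """Strengthen the mutual influence between i and j by factor alpha and re-solve.
    Simple scaling only: unlike Theorem 1's trajectory, other agents' investments
    are not held constant here."""
    W2 = [row[:] for row in W]
    W2[i][j] *= alpha
    W2[j][i] *= alpha
    return asynchronous_best_response(W2, b)[0]


# Constructed web-authentication network: node 0 = high-risk site (a bank),
# nodes 1 and 2 = low-risk sites whose users reuse the same password.
W_DEMO: Matrix = [[1.0, 0.25, 0.25],
                  [0.25, 1.0, 0.25],
                  [0.25, 0.25, 1.0]]
B_INTERIOR: Vector = [4.0, 2.0, 2.0]    # everyone invests: x* = (32/9, 8/9, 8/9)
B_FREE_RIDE: Vector = [4.0, 0.5, 0.5]   # the bank's investment covers the small sites: x* = (4, 0, 0)

if __name__ == "__main__":
    x, sweeps = asynchronous_best_response(W_DEMO, B_INTERIOR)
    print(f"interior equilibrium {x} after {sweeps} sweeps; NE={is_nash_equilibrium(W_DEMO, B_INTERIOR, x)}")
    x, sweeps = asynchronous_best_response(W_DEMO, B_FREE_RIDE)
    print(f"free-riding equilibrium {x} after {sweeps} sweeps; NE={is_nash_equilibrium(W_DEMO, B_FREE_RIDE, x)}")
    for alpha in (1.0, 1.5, 2.0, 2.5):   # alpha < 3 keeps W strictly diagonally dominant
        y = equilibrium_with_scaled_link(W_DEMO, B_INTERIOR, 1, 2, alpha)
        print(f"link 1-2 scaled by {alpha}: x1 = {y[1]:.4f}, x2 = {y[2]:.4f}, x0 = {y[0]:.4f}")
```

With B_FREE_RIDE the two low-risk sites end at zero investment because the bank's spending already exceeds what they need, which is the free-riding situation the slides describe; with B_INTERIOR all three invest, and scaling the 1-2 link from 1.0 to 2.5 drops x_1 and x_2 from 8/9 to 2/3 in ever smaller steps, the nonlinear decrease stated on the slide.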

Qualitative Implications
For web authentication:
▫ Should high risk organizations subsidize the IT budgets of low risk organizations (e.g. Citibank works with non-profits to aid their authentication efforts)?
▫ Should government label websites by risk factor so users know which sites they can safely group together with a single password?