Research Direction Introduction. Advisor: Yeong-Sung Lin. Presented by I-Ju Shih, 2011/10/25.


Agenda
- Introduction
- Network Survivability
- Problem Description

Introduction

Game theory
Game theory is a way to analyze interaction among a group of rational agents who behave strategically. Game theory has been successfully applied in different areas such as competition, biology, economics, political science, computer science, military strategy, and more.

Finitely repeated game
In recent years, game theory has been applied to many network security issues. In the real world, attackers and defenders frequently interact repeatedly over time. The interaction between attacker and defender could be viewed as an N-period game.

Non-cooperative game
Games are classified into two major classes: cooperative games and non-cooperative games. In the context of information security, a cyber attacker would not cooperate with the network defender.

Incomplete information
In traditional non-cooperative games it is assumed that
1. The players are rational.
2. There are no enforceable agreements between players.
3. The players know all the data of the game.
However, real-game situations may involve other types of uncertainty. The players may lack complete information about other players or themselves.

Sequential game
Most past literature has focused on sequential games in which the defender moves first, since the network defender will be able to deter the cyber attacker or shift the attack to an unimportant target.

High availability
Users want their systems, for example hospitals, airplanes or computers, to be ready to serve them at all times. High availability (HA) is a system design approach and associated service implementation that ensures a prearranged level of operational performance will be met during a contractual measurement period.

High availability
High availability (HA) clusters operate by harnessing redundant computers in groups or clusters that provide continued service when system components fail. High availability (HA) clusters can sometimes be categorized into one of the following models:
- Active/active
- Active/passive
High availability (HA) cluster implementations attempt to build redundancy into a cluster to eliminate single points of failure.

Network Survivability

ADOD (Average Degree of Disconnectivity)
- DOD (Degree of Disconnectivity)
- Contest success function

DOD
The DOD (Degree of Disconnectivity) metric could be used to measure the damage degree of a network.
Definition

DOD
OD pairs =
route
1, 2
1, 3
1, 2, 4 (1, 3, 4)
2, 4, 3 (2, 1, 3)
2, 4
3, 4

DOD
OD pairs =
DOD = 3/
route | number of broken node
1, 2 | 1
1, 3 | 1
1, 2, 4 (1, 3, 4) | 1
2, 4, 3 (2, 1, 3) | 0
2, 4 | 0
3, 4 | 0

DOD
OD pairs =
DOD = 6/
route | number of broken node
1, 2 | 2
1, 3 | 1
1, 2, 4 (1, 3, 4) | 1
2, 4, 3 (2, 1, 3) | 1
2, 4 | 1
3, 4 | 0

DOD
OD pairs =
DOD = 10/
route | number of broken node
1, 2 | 2
1, 3 | 2
1, 2, 4 (1, 3, 4) | 2
2, 4, 3 (2, 1, 3) | 2
2, 4 | 1
3, 4 | 1

DOD
OD pairs =
DOD = 14/
route | number of broken node
1, 2 | 2
1, 3 | 2
1, 2, 4 (1, 3, 4) | 3
2, 4, 3 (2, 1, 3) | 3
2, 4 | 2
3, 4 | 2

DOD
The larger the DOD value, the greater the damage degree of the network.

Contest success function (CSF)
Skaperdas, S., Contest success functions. Economic Theory 7, 283–290.
Definition
T: the attacker’s budget
t: the defender’s budget
m: contest intensity
S: attack success probability

ADOD example
Node states | Attack success probability (S) | DOD | S*DOD
1, 2, 3, 4 | (1-S1)*(1-S2)*(1-S3)*(1-S4) | 0 | 0
1, 2, 3, 4 | S1*(1-S2)*(1-S3)*(1-S4) | 3/6 | 3/6*S1*(1-S2)*(1-S3)*(1-S4)
…
1, 2, 3, 4 | S1*S2*S3*S4 | 14/6 | 14/6*S1*S2*S3*S4

ADOD (Average Degree of Disconnectivity)
The larger the Average DOD value, the greater the damage degree of the network.
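The DOD tables and the ADOD table above, recomputed as an added example (not code from the original slides). It assumes the 4-node topology with links 1-2, 1-3, 2-4 and 3-4 implied by the listed routes, takes each OD pair's route as the one crossing the fewest broken nodes, and uses the ratio-form contest success function S = T^m / (T^m + t^m) because the slides' own definitions did not survive; the budgets are constructed values.

```python
import heapq
from itertools import combinations, product

# Assumed topology: the 4-node ring implied by the routes on the DOD slides.
EDGES = [(1, 2), (1, 3), (2, 4), (3, 4)]

def adjacency(edges):
    adj = {}
    for a, b in edges:
        adj.setdefault(a, set()).add(b)
        adj.setdefault(b, set()).add(a)
    return adj

def min_broken_on_route(adj, src, dst, broken):
    """Fewest broken nodes on any src-dst route (Dijkstra, broken node costs 1)."""
    start = int(src in broken)
    best = {src: start}
    heap = [(start, src)]
    while heap:
        cost, node = heapq.heappop(heap)
        if node == dst:
            return cost
        if cost > best[node]:
            continue  # stale heap entry
        for nxt in adj[node]:
            new_cost = cost + int(nxt in broken)
            if new_cost < best.get(nxt, float("inf")):
                best[nxt] = new_cost
                heapq.heappush(heap, (new_cost, nxt))
    raise ValueError(f"no route between {src} and {dst}")

def dod(edges, broken):
    """Sum of broken nodes over all OD pairs' routes, divided by the OD pair count."""
    adj = adjacency(edges)
    pairs = list(combinations(sorted(adj), 2))
    broken = set(broken)
    return sum(min_broken_on_route(adj, s, d, broken) for s, d in pairs) / len(pairs)

def csf(T, t, m=1.0):
    """Ratio-form CSF (assumed): S = T^m / (T^m + t^m); no attack effort gives S = 0."""
    if T <= 0:
        return 0.0
    return T ** m / (T ** m + t ** m)

def adod(edges, S):
    """Expected DOD over all 2^n node states; S maps node -> success probability."""
    nodes = sorted(S)
    expected = 0.0
    for state in product((False, True), repeat=len(nodes)):
        prob = 1.0
        for node, hit in zip(nodes, state):
            prob *= S[node] if hit else 1.0 - S[node]
        if prob > 0.0:
            expected += prob * dod(edges, [n for n, hit in zip(nodes, state) if hit])
    return expected

if __name__ == "__main__":
    # Constructed budgets: attacker T and defender t per node, contest intensity m = 1.
    budgets = {1: (6, 3), 2: (2, 4), 3: (2, 4), 4: (1, 9)}
    S = {n: csf(T, t) for n, (T, t) in budgets.items()}
    for broken in ([1], [1, 2], [1, 2, 3], [1, 2, 3, 4]):
        print(broken, dod(EDGES, broken))
    print("ADOD =", round(adod(EDGES, S), 4))
```

Because the state enumeration grows as 2^n, this exact form is only practical for small networks.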

Problem Description

Defender versus Attacker
Information | Defender | Attacker
1. Common knowledge | The information is known to both.
2. Defender’s private information (ex. node’s valuation, node’s type, and network topology) | The defender knew all of it. | The attacker knew a part of it.
3. The defender’s other information (ex. system vulnerabilities) | The defender did not know it before the game starts. | The attacker knew a part of it.

Defender versus Attacker
Budget | Defender | Attacker
1. Based on the importance of node | Defense. | Attack.
2. On each node | Releasing message. | Updating information.
3. Reallocated or recycled | Yes. But the defender needed extra cost. | No.
4. Reward | No. | Yes. If the attacker compromised a node, the node’s resource could be controlled by the attacker until the defender has repaired it.
5. Repaired node | Yes. | No.
6. Resource accumulation | Yes. But the resource needed to be discounted.

Defender versus Attacker
 | Defender | Attacker
Immune benefit | Yes. The defender could update information about system vulnerabilities after attacks. | No.
Rationality | Full or bounded rationality.

Objective
The network survivability is measured by ADOD. The game has two players: an attacker (he, A) and a defender (she, D).
Defender
Objective: minimize the damage of the network (ADOD).
Budget constraint:
- deploying the defense budget in nodes
- repairing the compromised node
- releasing message in nodes
Attacker
Objective: maximize the damage of the network (ADOD).
Budget constraint:
- deploying the attack budget in nodes
- updating information

Defender’s characteristics - Private information (Defender’s view)
The defender has private information, including each node’s valuation, each node’s type and network topology.

Defender’s characteristics - Private information (Attacker’s view)
The defender has private information, including each node’s valuation, each node’s type and network topology.

Defender’s characteristics
- Effective resources: t^m.
- Resource reallocation, recycling and accumulation.
- Each node’s type.
- Bounded rationality.
- High availability system.

Attacker’s characteristics
- Attacker’s private information: attacker’s budget and something defender did not know.
- Effective resources: T^m.
- Resource growth: attacker could increase resources when the attacker compromised network nodes.
- Resource accumulation.
- Bounded rationality.

Defender’s action
In each round, the defender moves first, determines her strategy and chooses for each node a message, which may be truth, deception or secrecy.

Message releasing
Message releasing can be classified into two types.
- A node’s information could be divided into different parts to release message by the defender.
- The defender could release a node’s defensive state as a message to the attacker.

Message releasing - type 1
The defender could choose a part of a node’s information and, according to her strategy, release it as a truthful message, release it as a deceptive message or keep it secret.

Message releasing - type 1 example
The defender chooses:
1. Truthful message if and only if message = actual information;
2. Secrecy if and only if message is secret;
3. Deceptive message if and only if message ≠ actual information.
Cost: Deceptive message > Secrecy > Truthful message
Defender: 1. OS: Linux 2. FTP: Filezilla server 3. DB: MYSQL
Message: 1. OS: Linux 2. FTP: Filezilla server 3. DB: MYSQL
Message: 1. OS: Win 7 2. FTP: Filezilla server 3. DB: unknown

Message releasing - type 1 scenario (Defender's view in each round)
Figure legend:
- The defender chose the part of information to release truth message
- The defender chose the part of information to use deception
- Keep the node’s part of information secret

Message releasing - type 2
The defender released different messages, which are truth, deception or secrecy, on each node as a mixed strategy.

Message releasing - type 2 scenario (Defender's view in each round)
Figure legend:
- The defender’s actual strategy: Defense resource on node i
- The defender’s message: Defense resource on node i
- Keep defender’s actual strategy secret

Message releasing - type 2 scenario (Attacker's view in each round)
Figure legend:
- The defender’s actual strategy: Defense resource on node i
- The defender’s message: Defense resource on node i
- Keep defender’s actual strategy secret

The effect of deception/secrecy
The effect of deception or secrecy would be discounted if the attacker knew the defender’s partial private information.

The effect of deception/secrecy
The effect of deception or secrecy would be zero if the attacker knew something that the defender did not know.

Immune benefit
Although the attacker knows something that the defender does not know, the defender can update her information after observing the result of each round’s contest. After the defender updates her information, she gains an immune benefit, which means that the attacker is unable to use an identical attack.

Defender’s resources
From the view of the defender, the budget could be reallocated or recycled, but the discount factor is also considered. The defender could accumulate resources to decrease the attack success probability when defending network nodes the next time.

Defender’s resources example - type 2 scenario
Figure legend:
- The defender’s actual strategy: Defense resource on node i
- The defender’s message: Defense resource on node i
- Keep defender’s actual strategy secret
- Defender: Recycled, Reallocated

Attacker’s information
The attacker knows only partial network topology. The attacker could update information after observing the result of each round’s contest and the defender’s messages.

Attacker’s resources
The attacker could accumulate experience to increase the attack success probability when compromising network nodes the next time. The attacker could increase resources when the attacker compromised network nodes.
In the first round, the attacker put 3 units of attack budget to collect information of node i. In the second round, the attacker put 6 units of attack budget to attack node i.
Total attack resource = 3 * discount rate + 6

Attacker’s resources example - type 2 scenario
Figure legend:
- The defender’s actual strategy: Defense resource on node i
- The defender’s message: Defense resource on node i
- Keep defender’s actual strategy secret

Network topology
Consider a complex system with n nodes in series-parallel. A node consists of M components which may be different components or the same. (M ≥ 1)

Network topology
A node’s composition could be classified into two types.
- A node with backup component
- A k-out-of-m node

Network topology
The relationship between nodes could be classified into three types.
- Independent: A node can function solely.
- Dependent: When a node was destroyed, the node dependent on the destroyed node was also destroyed.
- Interdependent: When a node was destroyed, the node interdependent on the destroyed node was also destroyed and vice versa.

Thanks for your listening.