Abstract
This paper presents a game-theoretic method for analyzing the security of computer networks. We view the interactions between an attacker and the administrator as a two-player stochastic game and construct a model for the game. Using a nonlinear program, we compute Nash equilibria or best-response strategies for the players (attacker and administrator). We then explain why the strategies are realistic and how administrators can use these results to enhance the security of their network.
Similar content being viewed by others
References
Bell MGH (2001) The measurement of reliability in stochastic transport networks. In: Proceedings, IEEE Intelligent Transportation Systems, pp 1183–1188
Browne R (2000) C4I defensive infrastructure for survivability against multi-mode attacks. In: Proceedings of the conference on 21st century military communications: architectures and technologies for information superiority, 1:417–424
Burke D (1999) Towards a game theory model of information warfare. Master’s thesis, Graduate School of Engineering and Management, Airforce Institute of Technology, Air University
Butler SA (2002) Security attribute evaluation method: a cost-benefit approach. In: Proceedings of the international conference on software engineering, Orlando, FL, May 2002
Butler SA (2003) Security attribute evaluation method. PhD thesis, Carnegie Mellon University, Computer Science Department, Pittsburgh
Crume J (2000) Inside Internet security. Addison-Wesley, Reading, MA
Filar J, Vrieze K (1996) Competitive Markov decision processes. Springer, Berlin Heidelberg New York
Fudenberg D, Tirole J (1991) Game Theory. MIT Press, Cambridge, MA
Hespanha JP, Bohacek S (2001) Preliminary results in routing games. In: Proceedings of the 2001 American Control conference, 3:1904–1909
Jha S, Sheyner O, Wing J (2002) Minimization and reliability analyses of attack graphs. Carnegie Mellon University Technical Report CS-02-109, February
McInerney J, Stubberud S, Anwar S, Hamilton S (2001) Friars: a feedback control system for information assurance using a markov decision process. In: Proceedings of the IEEE 35th annual international Carnahan conference on security technology, pp 223–228
Meadows C (2001) A cost-based framework for analysis of denial of service in networks. J Comput Secur 9(1–2):143–164
Sheyner O, Jha S, Wing J (2002) Automated generation and analysis of attack graphs. In: Proceedings of the IEEE symposium on security and privacy, Oakland, CA
Stoneburner G, Goguen A, Feringa A (2001) Risk management guide for information technology systems. National Institute of Standards and Technology Special Publication, 800(30)
Syverson PF (1997) A different look at secure distributed computation. In: Proceedings of the 10th workshop on computer security foundations, pp 109–115
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
About this article
Cite this article
Lye, Kw., Wing, J. Game strategies in network security. IJIS 4, 71–86 (2005). https://doi.org/10.1007/s10207-004-0060-x
Published:
Issue Date:
DOI: https://doi.org/10.1007/s10207-004-0060-x