Abstract
Intrusion Detection Systems (IDS) are security tools that aim to detect attempts at virus propagation between two interconnected devices. As the propagation of a virus or malware is dynamic and can be strategically controlled by the attacker, we model the problem of optimally determining IDS positions in a network as a partially observable zero-sum stochastic Minimum-Threat path game (POSMPG). The goal of the attacker is to infect a maximum number of nodes at a given instant, and a state-extended stochastic game framework is then proposed in order to obtain optimality equations. We are then able to determine optimal solutions of the POSMPG and to apply our result to the adversarial control of virus propagation on a network.
Notes
1. The reward of player 2 is assumed positive in [20].
2. In the case of an epidemic, for example, \(\varphi \left( z\right) \) is the number of infected nodes in state z.
3. One can take \(S^{\gamma }_{N} = S \times \mathbbm {N}\).
References
Ansari, A., Dadgar, M., Hamzeh, A., Schlötterer, J., Granitzer, M.: Competitive influence maximization: integrating budget allocation and seed selection. https://www.researchgate.net/profile/Masoud-Dadgar-2/publication/338228670_Competitive_Influence_Maximization_Integrating_Budget_Allocation_and_Seed_Selection/links/5e177f904585159aa4c2d628/Competitive-Influence-Maximization-Integrating-Budget-Allocation-and-Seed-Selection.pdf
Antonakakis, M., et al.: Understanding the Mirai botnet. In: 26th USENIX Security Symposium, pp. 1093–1110 (2017). https://www.usenix.org/conference/usenixsecurity17/technical-sessions/presentation/antonakakis
Chakrabarti, D., Wang, Y., Wang, C., Leskovec, J., Faloutsos, C.: Epidemic thresholds in real networks. ACM Trans. Inf. Syst. Secur. 10(4), 1–26 (2008). https://doi.org/10.1145/1284680.1284681
Chen, L., Wang, Z., Li, F., Guo, Y., Geng, K.: A stackelberg security game for adversarial outbreak detection in the internet of things. Sensors 20, 804 (2020). https://doi.org/10.3390/s20030804
Chen, Z., Gao, L., Kwiat, K.: Modeling the spread of active worms. In: IEEE INFOCOM, vol. 3, pp. 1890–1900. IEEE (2003)
Cohen, R., Havlin, S., Ben-Avraham, D.: Efficient immunization strategies for computer networks and populations. Phys. Rev. Lett. 91, 247901 (2013)
Garg, N., Grosu, D.: Deception in honeynets: a game-theoretic analysis. In: 2007 IEEE SMC Information Assurance and Security Workshop, pp. 107–113 (2007)
Horák, K.: Scalable algorithms for solving stochastic games with limited partial observability. Ph.D. thesis, Czech Technical University in Prague (2019)
Horák, K., Bosansky, B., Tomášek, P., Kiekintveld, C., Kamhoua, C.: Optimizing honeypot strategies against dynamic lateral movement using partially observable stochastic games. Comput. Secur. 87, 101579 (2019). https://doi.org/10.1016/j.cose.2019.101579
Horák, K., Bošanský, B., Pĕchouček, M.: Heuristic search value iteration for one-sided partially observable stochastic games. In: International Joint Conference on Artificial Intelligence, vol. 31, pp. 558–564 (2017). ISBN 978-1-57735-780-3
Huang, Y., Zhu, Q.: Game-theoretic frameworks for epidemic spreading and human decision-making: a review. Dyn. Games Appl. 1–42 (2022)
Kephart, J., White, S.: Directed-graph epidemiological models of computer viruses. In: Proceedings of IEEE Symposium Research Security and Privacy (1991)
Kiss, I.Z., Miller, J.C., Simon, P.L., et al.: Mathematics of Epidemics on Networks, vol. 598. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-50806-1
Kolias, C., Kambourakis, G., Stavrou, A., Voas, J.: DDoS in the IoT: Mirai and other botnets. Computer 50(7), 80–84 (2017)
Kumar, B., Bhuyan, B.: Using game theory to model DoS attack and defence. Sādhanā 44(12), 1–12 (2019). https://doi.org/10.1007/s12046-019-1228-4
Puterman, M.L.: Markov Decision Processes: Discrete Stochastic Dynamic Programming. Wiley, Hoboken (2014)
Raghavan, T.: Stochastic games-an overview. In: Stochastic Games and Related Topics, pp. 1–9 (1991)
Schneider, C., Mihaljev, T., Havlin, S., Herrmann, H.: Suppressing epidemics with a limited amount of immunization units. Phys. Rev. E 84, 061911 (2011). https://doi.org/10.1103/PhysRevE.84.061911
Shapley, L.S.: Stochastic games. Proc. Natl. Acad. Sci. 39, 1095–1100 (1953)
Tomášek, P., Horák, K., Aradhye, A., Bošanskỳ, B., Chatterjee, K.: Solving partially observable stochastic shortest-path games (2021). https://www.ijcai.org/proceedings/2021/0575.pdf
Trajanovski, S., Hayel, Y., Altman, E., Wang, H., Mieghem, P.: Decentralized protection strategies against sis epidemics in networks. IEEE Trans. Control Netw. Syst. 2, 406–419 (2015). https://doi.org/10.1109/TCNS.2015.2426755
Trajanovski, S., Kuipers, F., Hayel, Y., Altman, E., Mieghem, P.: Designing virus-resistant, high-performance networks: a game-formation approach. IEEE Trans. Control Netw. Syst. 5(4), 1682–1692 (2017). https://doi.org/10.1109/TCNS.2017.2747840
Tsemogne, O., Hayel, Y., Kamhoua, C., Deugoue, G.: Partially observable stochastic games for cyber deception against network epidemic. In: 11th International Conference GameSec (2020)
Tsemogne, O., Hayel, Y., Kamhoua, C., Deugoué, G.: Game-theoretic modeling of cyber deception against epidemic botnets in internet of things. IEEE Internet Things J. 9(4), 2678–2687 (2021)
Tsemogne, O., Hayel, Y., Kamhoua, C., Deugoue, G.: A partially observable stochastic zero-sum game for a network epidemic control problem. Dyn. Games Appl. 12(1), 82–109 (2022)
Van Mieghem, P., Omic, J., Kooij, R.: Virus spread in networks. IEEE/ACM Trans. Netw. 17(1), 1–14 (2009)
Acknowledgments
Research was sponsored by the U.S. Army Research Office and was accomplished under Cooperative Agreement Number W911NF-22-2-0175 and Grant Number W911NF-21-1-0326. The views and conclusions contained in this document are those of the authors and should not be interpreted as representing the official policies, either expressed or implied, of the U.S. Army Research Laboratory or the U.S. Government. The U.S. Government is authorized to reproduce and distribute reprints for Government purposes notwithstanding any copyright notation herein.
Copyright information
© 2023 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this paper
Cite this paper
Tsemogne, O., Hayel, Y., Kamhoua, C., Deugoué, G. (2023). Optimizing Intrusion Detection Systems Placement Against Network Virus Spreading Using a Partially Observable Stochastic Minimum-Threat Path Game. In: Fang, F., Xu, H., Hayel, Y. (eds) Decision and Game Theory for Security. GameSec 2022. Lecture Notes in Computer Science, vol 13727. Springer, Cham. https://doi.org/10.1007/978-3-031-26369-9_14
DOI: https://doi.org/10.1007/978-3-031-26369-9_14
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-26368-2
Online ISBN: 978-3-031-26369-9
eBook Packages: Computer Science, Computer Science (R0)