Skip to main content
SpringerLink
Log in

A multiresolution approach for optimal defense against random attacks

  • Regular Contribution
  • Published:
International Journal of Information Security Aims and scope Submit manuscript

Abstract

Whether it be one security expert covering more systems or reducing total man-hours, there has always been a push to do more with less. Intuitively, we realize different systems need different levels of security. To aid in this effort, we develop multiresolution attacker/defender games by combining two game theoretic approaches: resource assignment and optimal response. We use the resource assignment game to determine the level of detail necessary to build the game needed to respond optimally to attacks. To aid in the selection of a resource assignment game and an optimal response game, we present considerations and survey numerous works. Further resource savings are possible when the optimal response games share features. Even though effort sharing between systems ought to be addressed during the resource-allocation game, we present both a linear effort sharing model and a method for solving post hoc. An illustrative example demonstrates the potential savings from our technique.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1

Similar content being viewed by others

Notes

  1. For a complete list see http://www.issn.org/services/online-services/access-to-the-ltwa/.

  2. \(Q\) allows us to solve for \(u_i\) despite each \(u_i\) depending on all other \(u_j\).

  3. See http://pmesii.dm2research.com/wiki/index.php/Main_Page.

  4. An \(\varepsilon \)-Nash equilibrium occurs when the attacker’s assumed prior distribution of the defender’s responses are sufficiently close to the defender’s actual choice of defense actions.

  5. Again any pair can used together, but the more similar the frameworks between the resource-allocation problem and the optimal response problem, the more consistent the assumptions.

  6. Further discussion of how resources ought to be spent on each component of the game is left open for future research.

  7. These are only typical conditions and not requirements.

  8. When \(\underline{\underline{A}}\) has no negative entries, the only way to compensate for an asset getting too much effort would be to give another project insufficient effort.

  9. By lexicographic we mean the first objective is minimized, then the second objective is minimized with the additional constraint that the first objective remains at its optimal value.

  10. To minimize the square of the deficiencies, use a quadratic program to minimize \(e^{\intercal } e\).

  11. The player risk attitude should be inherited from the resource-allocation game.

References

  1. Azaiez, M., Bier, V.M.: Optimal resource allocation for security in reliability systems. Eur. J. Oper. Res. 181(2), 773–786 (2007). doi:10.1016/j.ejor.2006.03.057. http://www.sciencedirect.com/science/article/pii/S0377221706004747

  2. Bier, V.: Game-theoretic and reliability methods in counterterrorism and security. In: Wilson, G.A., Wilson, D.G., Olwell, D.H. (eds.) Statistical Methods in Counterterrorism, pp. 23–40. Springer, New York (2006)

    Chapter  Google Scholar 

  3. Bier, V., Oliveros, S., Samuelson, L.: Choosing what to protect: strategic defensive allocation against an unknown attacker. J. Public Econ. Theory 9(4), 563–587 (2007). doi:10.1111/j.1467-9779.2007.00320.x

    Article  Google Scholar 

  4. Bier, V.M., Nagaraj, A., Abhichandani, V.: Protection of simple series and parallel systems with components of different values. Reliab. Eng. Syst. Saf. 87(3), 315–323 (2005). doi:10.1016/j.ress.2004.06.003. http://www.sciencedirect.com/science/article/pii/S0951832004001309

  5. Brown, D., Efendiev, Y., Hoang, V.: An efficient hierarchical multiscale finite element method for stokes equations in slowly varying media. Multiscale Model. Simul. 11(1), 30–58 (2013). doi:10.1137/110858525

    Article  MATH  MathSciNet  Google Scholar 

  6. Carin, L., Cybenko, G., Hughes, J.: Cybersecurity strategies: the queries methodology. Computer 41(8), 20–26 (2008). doi:10.1109/MC.2008.295

    Article  Google Scholar 

  7. Drewry, D.T., Reynolds, P.F., Emanuel, W.R.: An optimization-based multi-resolution simulation methodology.In: Winter Simulation Conference. San Diego, California, USA (2002)

  8. Garland, M.: Multiresolution modeling: survey & future opportunities. In: Seidel, H.P., Coquillart, S. (eds.) 1999 STAR Proc. Eurographics, pp. 111–131. Eurographics Association, Milano, Italy (1999)

    Google Scholar 

  9. George, A.L., Smoke, R.: Deterrence in American Foreign Policy: Theory and practice, Chap. 1. Columbia University Press, New York (1974)

    Google Scholar 

  10. Golany, B., Kress, M., Penn, M., Rothblum, U.G.: Network optimization models for resource allocation in developing military countermeasures. Oper. Res. 60(1), 48–63 (2012). doi:10.1287/opre.1110.1002

    Article  MATH  MathSciNet  Google Scholar 

  11. Golany, B., Kress, M., Penn, M., Rothblum, U.G.: Resource allocation in an asymmetric technology race with temporary advantages. Nav. Res. Logist. (NRL) 59(2), 128–145 (2012). doi:10.1002/nav.21477

    Article  MATH  MathSciNet  Google Scholar 

  12. Goswami, P., Erol, F., Mukhi, R., Pajarola, R., Gobbetti, E.: An efficient multi-resolution framework for high quality interactive rendering of massive point clouds using multi-way kd-trees. Vis. Comput. 29(1), 69–83 (2013). doi:10.1007/s00371-012-0675-2

    Article  Google Scholar 

  13. Hausken, K.: Probabilistic risk analysis and game theory. Risk Anal. 22(1), 17–27 (2002). doi:10.1111/0272-4332.t01-1-00002

    Article  Google Scholar 

  14. Hausken, K.: Strategic defense and attack for series and parallel reliability systems: simultaneous moves by defender and attacker. Tech. Rep. 6, University of Stavanger, N-4036 Stavanger, Norway (2007)

  15. Hausken, K.: Strategic defense and attack for reliability systems. Reliab. Eng. Syst. Saf. 93(11), 1740–1750 (2008). doi:10.1016/j.ress.2007.11.002. http://www.sciencedirect.com/science/article/pii/S0951832007002578

  16. Hausken, K.: Strategic defense and attack for series and parallel reliability systems. Eur. J. Oper. Res. 186(2), 856–881 (2008). doi:10.1016/j.ejor.2007.02.013. http://www.sciencedirect.com/science/article/pii/S0377221707002214

  17. Hausken, K.: Strategic defense and attack of complex networks. Int. J. Perform. Eng. 5(1), 13–30 (2009)

    MathSciNet  Google Scholar 

  18. Hausken, K.: Defense and attack of complex and dependent systems. Reliab. Eng. Syst. Saf. 95(1), 29–42 (2010). doi:10.1016/j.ress.2009.07.006. http://www.sciencedirect.com/science/article/pii/S0951832009001914

  19. Hausken, K.: Defense and attack of two-component multi-state systems. Int. J. Perform. Eng. 7(3), 205–216 (2011)

    MathSciNet  Google Scholar 

  20. Hausken, K.: Protecting complex infrastructures against multiple strategic attackers. Int. J. Syst. Sci. 42, 11–29 (2011)

  21. Hausken, K.: Strategic defense and attack of series systems when agents move sequentially. IIE Trans. 43(7), 483–504 (2011). doi:10.1080/0740817X.2010.541178

    Article  Google Scholar 

  22. Hausken, K., Bier, V.M.: Defending against multiple different attackers. Eur. J. Oper. Res. 211(2), 370–384 (2011)

    Article  MATH  MathSciNet  Google Scholar 

  23. Hausken, K., Bier, V.M., Azaiez, M.N.: Defending against terrorism, natural disaster, and all hazards. In: Bier, V.M., Azaiez, M.N. (eds.) Game Theor. Risk Anal. of Secur. Threats, Int. Ser. Oper. Res. & Manag. Sci. chap. 4, vol. 128, pp. 1–33. Springer, New York (2009). doi:10.1007/978-0-387-87767-94

  24. Hausken, K., Levitin, G.: Efficiency of even separation of parallel elements with variable contest intensity. Risk Anal. 28(5), 1477–1486 (2008). doi:10.1111/j.1539-6924.2008.01090.x

    Article  Google Scholar 

  25. Hausken, K., Levitin, G.: Minmax defense strategy for complex multi-state systems. Reliab. Eng. Syst. Saf. 94(2), 577–587 (2009). doi:10.1016/j.ress.2008.06.005. http://www.sciencedirect.com/science/article/pii/S0951832008001841

  26. Hausken, K., Levitin, G.: Protection vs. false targets in series systems. Reliab. Eng. Syst. Saf. 94(5), 973–981 (2009). doi:10.1016/j.ress.2008.11.003. http://www.sciencedirect.com/science/article/pii/S0951832008002664

  27. Hausken, K., Levitin, G.: Protection vs. separation in parallel non-homogeneous systems. Int. J. Reliab. Qual. Perform. 1(1), 54–65 (2009)

    MathSciNet  Google Scholar 

  28. Hausken, K., Levitin, G.: Defence of homogeneous parallel multi-state systems subject to two sequential attacks. Proc. Inst. Mech. Eng. Part O J. Risk Reliab. 224(3), 171–183 (2010)

    MathSciNet  Google Scholar 

  29. Hausken, K., Levitin, G.: Review of systems defense and attack models. Int. J. Perform. Eng. 8(4), 355–366 (2012)

    Google Scholar 

  30. Hausken, K., Zhuang, J.: Defending against a terrorist who accumulates resources. Mil. Oper. Res. 16(1), 21–39 (2011). doi:10.5711/1082598316121. http://www.ingentaconnect.com/content/mors/mor/2011/00000016/00000001/art00003

  31. Hausken, K., Zhuang, J.: Governments’ and terrorists’ defense and attack in a t-period game. Decis. Anal. 8(1), 46–70 (2011). doi:10.1287/deca.1100.0194

    Article  MathSciNet  Google Scholar 

  32. Hausken, K., Zhuang, J.: The timing and deterrence of terrorist attacks due to exogenous dynamics. J. Oper. Res. Soc. 63(6), 725–726 (2012). doi:10.1057/jors.2011.79

    Article  Google Scholar 

  33. Hsu, S.P., Arapostathis, A.: Competitive markov decision processes with partial observation. In: 2004 IEEE Int. Conf. Syst. Man & Cybern., vol. 1, pp. 236–241. The Hague, The Netherlands (2004). doi:10.1109/ICSMC.2004.1398303

  34. Irnich, S., Desaulniers, G.: Shortest path problems with resource constraints. In: Desaulniers, G., Desrosiers, J., Solomon, M. (eds.) Column Generation, pp. 33–65. Springer, US (2005). doi:10.1007/0-387-25486-22

    Chapter  Google Scholar 

  35. Jia, H., Skaperdas, S., Vaidya, S.: Contest functions: theoretical foundations and issues in estimation. Int. J. Ind. Organ. 31(3), 211–222 (2013). doi:10.1016/j.ijindorg.2012.06.007. http://www.sciencedirect.com/science/article/pii/S0167718712000811

  36. Kobbelt, L., Campagna, S., Vorsatz, J., Seidel, H.P.: Interactive multi-resolution modeling on arbitrary meshes. In: Proc. the 25th Annual Conf. on Comput. Graph. and Interact. tech., SIGGRAPH ’98, pp. 105–114. ACM, New York (1998). doi:10.1145/280814.280831

  37. Levitin, G.: Optimal defense strategy against intentional attacks. IEEE Trans. Reliab. 56(1), 148–157 (2007). doi:10.1109/TR.2006.884599

    Article  MathSciNet  Google Scholar 

  38. Levitin, G.: False targets in defence strategies against intentional attacks. Int. J. Perform. Eng. 5(5), 433–446 (2009)

    Google Scholar 

  39. Levitin, G.: Optimal distribution of constrained resources in bi-contest detection-impact game. Int. J. Perform. Eng. 5(1), 45–54 (2009)

    MathSciNet  Google Scholar 

  40. Levitin, G.: Optimizing defense strategies for complex multi-state systems. In: Bier, V.M., Azaiez, M.N. (eds.) Game Theoretic Risk Analysis of Security Threats, International Series in Operations Research & Management Science, vol. 128, pp. 1–32. Springer, US (2009). doi:10.1007/978-0-387-87767-93

    Google Scholar 

  41. Levitin, G., Ben-Haim, H.: Importance of protections against intentional attacks. Reliab. Eng. Syst. Saf. 93(4), 639–646 (2008). doi:10.1016/j.ress.2007.03.016. http://www.sciencedirect.com/science/article/pii/S0951832007001160

  42. Levitin, G., Hausken, K.: Protection vs. redundancy in homogeneous parallel systems. Reliab. Eng. Syst. Saf. 93(10), 1444–1451 (2008). doi:10.1016/j.ress.2007.10.007. http://www.sciencedirect.com/science/article/pii/S0951832007002530

  43. Levitin, G., Hausken, K.: Intelligence and impact contests in systems with redundancy, false targets, and partial protection. Reliab. Eng. Syst. Saf. 94(12), 1927–1941 (2009). doi:10.1016/j.ress.2009.06.010. http://www.sciencedirect.com/science/article/pii/S0951832009001616

  44. Levitin, G., Hausken, K.: Parallel systems under two sequential attacks. Reliab. Eng. Syst. Saf. 94(3), 763–772 (2009). doi:10.1016/j.ress.2008.08.006. http://www.sciencedirect.com/science/article/pii/S0951832008002147

  45. Levitin, G., Hausken, K.: Separation in homogeneous systems with independent identical elements. Eur. J. Oper. Res. 203(3), 625–634 (2010). doi:10.1016/j.ejor.2009.08.016. http://www.sciencedirect.com/science/article/pii/S037722170900558X

  46. Luenberger, D.G., Ye, Y.: Linear and Nonlinear Programming, Int. Ser. Oper. Res. & Manag. Sci., vol. 116. Springer Science+Business Media, LLC, New York (2008)

    Google Scholar 

  47. Luo, Y., Al-Nashif, Y., Szidarovszky, F., Hariri, S.: Game tree based partially observable stochastic game model for intrusion defense systems (IDS). In: IIE Annual Conf. & EXPO (IERC 2009). Miami (2009)

  48. Luo, Y., Szidarovszky, F., Al-Nashif, Y., Hariri, S.: A game theory based risk and impact analysis method for intrusion defense systems. In: 2009 IEEE/ACS International Conference on Computer Systems and Applications (AICCSA), pp. 975–982. IEEE (2009)

  49. Luo, Y., Szidarovszky, F., Al-Nashif, Y., Hariri, S.: Game theory based network security. J. Inf. Secur. 1, 41–44 (2010)

    Article  Google Scholar 

  50. Luo, Y., Szidarovszky, F., Al-Nashif, Y., Hariri, S.: A fictitious play approach for multi-stage intrusion defense systems. Int. J. Inf. Secur. (2011, in press)

  51. Mansoor, P.: Linking doctrine to action: a new coin center-of-gravity analysis. Tech. rep, DTIC Document (2007)

  52. Park, D., Ramanan, D., Fowlkes, C.: Multiresolution models for object detection. In: Comput. Vis.-ECCV 2010, pp. 241–254. Springer, Berlin Heidelberg (2010)

  53. Peng, R., Levitin, G., Xie, M., Ng, S.: Defending simple series and parallel systems with imperfect false targets. Reliab. Eng. Syst. Saf. 95(6), 679–688 (2010). doi:10.1016/j.ress.2010.02.008. http://www.sciencedirect.com/science/article/pii/S0951832010000438

  54. Penrose, R., Todd, J.A.: On best approximate solutions of linear matrix equations. Math. Proc. Camb. Philos. Soc. 52, 17–19 (1956). doi:10.1017/S0305004100030929. http://journals.cambridge.org/article_S0305004100030929

  55. Raab, M., Steger, A.: “Balls into bins”—a simple and tight analysis. In: Luby, M., Rolim, J.D., Serna, M. (eds.) Randomization and Approximation Techniques in Computer Science. Lecture Notes in Computer Science, vol. 1518, pp. 159–170. Springer, Berlin Heidelberg (1998). doi:10.1007/3-540-49543-613

  56. Reynolds Jr, P.F., Natrajan, A., Srinivasan, S.: Consistency maintenance in multi-resolution simulations. ACM Trans. Model. Comput. Sim. 7(3), 368–392 (1997). doi:10.1145/259207.259235

    Article  MATH  Google Scholar 

  57. Samuelson, P.A.: The fundamental approximation theorem of portfolio analysis in terms of means, variances and higher moments. Rev. Econ. Stud. 37(4), 537–542 (1970). http://www.jstor.org/stable/2296483

  58. Sandler, T., Arce, M.D.G.: Counterterrorism a game-theoretic analysis. J. Confl. Resolut. 49(2), 183–200 (2005)

    Article  Google Scholar 

  59. Sandler, T., Siqueira, K.: Games and terrorism: recent developments. Sim. Gaming 40(2), 164–192 (2009). doi:10.1177/1046878108314772. http://sag.sagepub.com/content/40/2/164.abstract

  60. Sargent, T.J.: Macroeconomic Theory. Academic Press, New York (1979). ISBN:0-12-619750-4

  61. Shen, D., Chen, G., Blasch, E., Tadda, G.: Adaptive markov game theoretic data fusion approach for cyber network defense. In: Mil. Commun. Conf., 2007. MILCOM 2007. IEEE, pp. 1–7. Orlando (2007). doi:10.1109/MILCOM.2007.4454758

  62. Szidarovszky, F., Luo, Y.: Optimal protection against random attacks. Reliab. Eng. Syst. Saf. (2013). Submitted for publication

  63. Valenzuela, M., Rozenblit, J., Suantak, L.: Decision support using deterministic equivalents of probabilistic game trees. In: Proc. the 2012 19th IEEE Int. Conf. and Workshops Eng. Comput.-Based Syst. (ECBS), pp. 142–149. Novi Sad (2012). doi:10.1109/ECBS.2012.22

  64. Wang, L., Ren, S., Yue, K., Kwiaty, K.: Optimal resource allocation for protecting system availability against random cyber attacks. In: Proc. the 2011 3rd Int. Conf. Comput. Res. & Dev. (ICCRD), vol. 1, pp. 477–482. Shanghai (2011). doi:10.1109/ICCRD.2011.5764062

  65. Zeigler, B.P., Hu, J.H., Rozenblit, J.W.: Hierarchical, modular modelling in DEVS-scheme. In: 1989 Proc. the 21st Conf. on Winter Simul., WSC ’89, pp. 84–89. ACM, New York, Capital Hilton Hotel, Washington, DC (1989). doi:10.1145/76738.76749

  66. Zhang, Z., Ho, P.H.: Janus: A dual-purpose analytical model for understanding, characterizing and countermining multi-stage collusive attacks in enterprise networks. J. Netw. Comput. Appl. 32(3), 710–720 (2009)

    Article  Google Scholar 

  67. Zhuang, J., Bier, V.M.: Balancing terrorism and natural disasters–defensive strategy with endogenous attacker effort. Oper. Res. 55(5), 976–991 (2007)

    Article  MATH  MathSciNet  Google Scholar 

  68. Zhuang, J., Bier, V.M., Alagoz, O.: Modeling secrecy and deception in a multiple-period attacker/defender signaling game. Eur. J. Oper. Res. 203(2), 409–418 (2010). doi:10.1016/j.ejor.2009.07.028. http://www.sciencedirect.com/science/article/pii/S0377221709005384

  69. Zonouz, S., Khurana, H., Sanders, W., Yardley, T.: RRE: a game-theoretic intrusion response and recovery engine. In: 2009 DSN IEEE/IFIP International Conference on Dependable Systems Networks, pp. 439–448. Lisbon (2009). doi:10.1109/DSN.2009.5270307

Download references

Author information

Authors and Affiliations

  1. Electrical and Computer Engineering, University of Arizona, Tucson, AZ, USA

    Michael Valenzuela & Jerzy Rozenblit

  2. Systems and Industrial Engineering, University of Arizona, Tucson, AZ, USA

    Ferenc Szidarovszky

Authors
  1. Michael Valenzuela
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Ferenc Szidarovszky
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Jerzy Rozenblit
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Michael Valenzuela.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Valenzuela, M., Szidarovszky, F. & Rozenblit, J. A multiresolution approach for optimal defense against random attacks. Int. J. Inf. Secur. 14, 61–72 (2015). https://doi.org/10.1007/s10207-014-0245-x

Download citation

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s10207-014-0245-x

Keywords

Search

Navigation