Skip to main content
Fachgebiete
Automobil + Motoren Bauwesen + Immobilien Business IT + Informatik Elektrotechnik + Elektronik Energie + Nachhaltigkeit Finance + Banking Management + Führung Marketing + Vertrieb Maschinenbau + Werkstoffe Versicherung + Risiko
DE
EN
Themenseiten
Organisationspsychologie Projektmanagement Marketing Smart Manufacturing
Bücher
Zeitschriften
Weitere Formate
Podcasts Webinare Technik Webinare Wirtschaft Kongresse Veranstaltungskalender Awards
Jetzt Einzelzugang starten
Zugang für Unternehmen
Referenzkunden
ATZ-Fachkongress

Chassis.tech plus 2024


4 Kongresse in einer Veranstaltung

Treffen Sie in München die Fachleute von Chassis, Lenkung, Bremsen sowie Reifen/Räder.
Erweiterte Suche
Anmelden
nach oben
Erschienen in:
A Game-Theoretic Approach to IP Address Randomization in Decoy-Based Cyber Defense Kapitel lesen Erstes Kapitel lesen

2015 | OriginalPaper | Buchkapitel

Approximate Solutions for Attack Graph Games with Imperfect Information

verfasst von : Karel Durkota, Viliam Lisý, Branislav Bošanský, Christopher Kiekintveld

Erschienen in: Decision and Game Theory for Security

Verlag: Springer International Publishing

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config
loading …

Abstract

We study the problem of network security hardening, in which a network administrator decides what security measures to use to best improve the security of the network. Specifically, we focus on deploying decoy services or hosts called honeypots. We model the problem as a general-sum extensive-form game with imperfect information and seek a solution in the form of Stackelberg Equilibrium. The defender seeks the optimal randomized honeypot deployment in a specific computer network, while the attacker chooses the best response as a contingency attack policy from a library of possible attacks compactly represented by attack graphs. Computing an exact Stackelberg Equilibrium using standard mixed-integer linear programming has a limited scalability in this game. We propose a set of approximate solution methods and analyze the trade-off between the computation time and the quality of the strategies calculated.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

  • über 102.000 Bücher
  • über 537 Zeitschriften

aus folgenden Fachgebieten:

  • Automobil + Motoren
  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Elektrotechnik + Elektronik
  • Energie + Nachhaltigkeit
  • Finance + Banking
  • Management + Führung
  • Marketing + Vertrieb
  • Maschinenbau + Werkstoffe
  • Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

  • über 67.000 Bücher
  • über 390 Zeitschriften

aus folgenden Fachgebieten:

  • Automobil + Motoren
  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Elektrotechnik + Elektronik
  • Energie + Nachhaltigkeit
  • Maschinenbau + Werkstoffe




 

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

  • über 67.000 Bücher
  • über 340 Zeitschriften

aus folgenden Fachgebieten:

  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Finance + Banking
  • Management + Führung
  • Marketing + Vertrieb
  • Versicherung + Risiko




Jetzt Wissensvorsprung sichern!

Jetzt informieren
Vorheriges Kapitel Determining a Discrete Set of Site-Constrained Privacy Options for Users in Social Networks Through Stackelberg Games
Nächstes Kapitel When the Winning Move is Not to Play: Games of Deterrence in Cyber Security
Fußnoten
Literatur
1.
Ammann, P., Wijesekera, D., Kaushik, S.: Scalable, graph-based network vulnerability analysis. In: Proceedings of CCS, pp. 217–224 (2002)
2.
Bacic, E., Froh, M., Henderson, G.: Mulval extensions for dynamic asset protection. Technical report, DTIC Document (2006)
3.
Benisch, M., Davis, G.B., Sandholm, T.: Algorithms for closed under rational behavior (curb) sets. J. Artif. Int. Res. 38(1), 513–534 (2010)MathSciNetMATH
4.
5.
Boddy, M.S., Gohde, J., Haigh, T., Harp, S.A.: Course of action generation for cyber security using classical planning. In: Proceedings of ICAPS, pp. 12–21 (2005)
6.
Bošanský, B., Kiekintveld, C., Lisý, V., Pěchouček, M.: An exact double-oracle algorithm for zero-sum extensive-form games with imperfect information. J. Artif. Int. Res. 51, 829–866 (2014)MATH
7.
Bošanský, B., Čermak, J.: Sequence-form algorithm for computing stackelberg equilibria in extensive-form games. In: Proceedings of AAAI Conference on AI, pp. 805–811 (2015)
8.
Carroll, T.E., Grosu, D.: A game theoretic investigation of deception in network security. Secur. Commun. Netw. 4(10), 1162–1172 (2011)CrossRef
9.
Cassandra, A., Littman, M.L., Zhang, N.L.: Incremental pruning: a simple, fast, exact method for partially observable markov decision processes. In: Proceedings of UAI, pp. 54–61. Morgan Kaufmann Publishers Inc. (1997)
10.
Conitzer, V., Korzhyk, D.: Commitment to correlated strategies. In: Proceedings of AAAI, pp. 632–637 (2011)
11.
Conitzer, V., Sandholm, T.: Computing the optimal strategy to commit to. In: Proceedings of ACM EC, pp. 82–90. ACM (2006)
12.
Durkota, K., Lisý, V., Bošanský, B., Kiekintveld, C.: Optimal network security hardening using attack graph games. In: Proceedings of IJCAI, pp. 7–14 (2015)
13.
Grimes, R.A., Nepomnjashiy, A., Tunnissen, J.: Honeypots for windows (2005)
14.
Homer, J., Zhang, S., Ou, X., Schmidt, D., Du, Y., Rajagopalan, S.R., Singhal, A.: Aggregating vulnerability metrics in enterprise networks using attack graphs. J. Comput. Secur. 21(4), 561–597 (2013)
15.
Ingols, K., Lippmann, R., Piwowarski, K.: Practical attack graph generation for network defense. In: Proceedings of ACSAC, pp. 121–130 (2006)
16.
Koller, D., Megiddo, N., Von Stengel, B.: Efficient computation of equilibria for extensive two-person games. Games Econ. Behav. 14(2), 247–259 (1996)CrossRefMATH
17.
Korzhyk, D., Yin, Z., Kiekintveld, C., Conitzer, V., Tambe, M.: Stackelberg vs. nash in security games: An extended investigation of interchangeability, equivalence, and uniqueness. J. Artif. Int. Res. 41(2), 297–327 (2011)MathSciNetMATH
18.
Letchford, J., Conitzer, V.: Computing optimal strategies to commit to in extensive-form games. In: Proceedings of ACM EC, pp. 83–92 (2010)
19.
Letchford, J., Vorobeychik, Y.: Optimal interdiction of attack plans. In: Proceedings of AAMAS, pp. 199–206 (2013)
20.
Littman, M.L.: The witness algorithm: Solving partially observable markov decision processes. Technical report, Providence, RI, USA (1994)
21.
Lucangeli Obes, J., Sarraute, C., Richarte, G.: Attack planning in the real world. In: Working notes of SecArt 2010 at AAAI, pp. 10–17 (2010)
22.
Mell, P., Scarfone, K., Romanosky, S.: Common vulnerability scoring system. Secur. Priv. 4, 85–89 (2006)CrossRef
23.
Noel, S., Jajodia, S.: Managing attack graph complexity through visual hierarchical aggregation. In: Proceedings of ACM VizSEC/DMSEC, pp. 109–118. ACM (2004)
24.
Noel, S., Jajodia, S.: Optimal ids sensor placement and alert prioritization using attack graphs. J. Netw. Syst. Manage. 16, 259–275 (2008)CrossRef
25.
Noel, S., Jajodia, S., Wang, L., Singhal, A.: Measuring security risk of networks using attack graphs. Int. J. Next-Gener. Comput. 1(1), 135–147 (2010)
26.
Ou, X., Boyer, W.F., McQueen, M.A.: A scalable approach to attack graph generation. In: Proceedings of ACM CCS, pp. 336–345. ACM (2006)
27.
Ou, X., Govindavajhala, S., Appel, A.W.: Mulval: a logic-based network security analyzer. In: Proceedings of USENIX SSYM. pp. 113–128. USENIX Association, Berkeley (2005)
28.
Píbil, R., Lisý, V., Kiekintveld, C., Bošanský, B., Pěchouček, M.: Game theoretic model of strategic honeypot selection in computer networks. In: Grossklags, J., Walrand, J. (eds.) GameSec 2012. LNCS, vol. 7638, pp. 201–220. Springer, Heidelberg (2012) CrossRef
29.
Provos, N.: A virtual honeypot framework. In: Proceedings of USENIX SSYM, pp. 1–14. Berkeley, CA, USA (2004)
30.
Qassrawi, M.T., Hongli, Z.: Deception methodology in virtual honeypots. In: Proceedings of NSWCTC, vol. 2, pp. 462–467. IEEE (2010)
31.
Sawilla, R.E., Ou, X.: Identifying critical attack assets in dependency attack graphs. In: Jajodia, S., Lopez, J. (eds.) ESORICS 2008. LNCS, vol. 5283, pp. 18–34. Springer, Heidelberg (2008) CrossRef
32.
Sheyner, O., Haines, J., Jha, S., Lippmann, R., Wing, J.M.: Automated generation and analysis of attack graphs. In: IEEE Symposium Security and Privacy, pp. 273–284. IEEE (2002)
33.
Tambe, M.: Security and Game Theory: Algorithms, Deployed Systems, Lessons Learned, 1st edn. Cambridge University Press, New York (2011) CrossRef
34.
Von Stengel, B., Forges, F.: Extensive form correlated equilibrium: definition and computational complexity. Math. Oper. Res. 33(4), 1002–1022 (2008)MathSciNetCrossRefMATH
Metadaten
Titel
Approximate Solutions for Attack Graph Games with Imperfect Information
verfasst von
Karel Durkota
Viliam Lisý
Branislav Bošanský
Christopher Kiekintveld
Copyright-Jahr
2015
Buch
Decision and Game Theory for Security

Print ISBN: 978-3-319-25593-4

Electronic ISBN: 978-3-319-25594-1

Copyright-Jahr: 2015

DOI
https://doi.org/10.1007/978-3-319-25594-1_13

Premium Partner

    Bildnachweise