nach oben

Autonomous Agents and Multi-Agent Systems

Erschienen in:

01.03.2015

Securing interdependent assets

verfasst von: Yevgeniy Vorobeychik, Joshua Letchford

Erschienen in: Autonomous Agents and Multi-Agent Systems | Ausgabe 2/2015

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

Stackelberg security game models have become among the leading practical game theoretic approaches to security, having seen actual deployment in the LAX Airport, the United States Federal Air Marshals Service, and the United States Coast Guard, among others. However, most techniques for computing optimal security policies in Stackelberg games to date do not explicitly account for interdependencies among targets. We introduce a novel framework for computing optimal randomized security policies in networked (interdependent) domains. Our framework rests upon a Stackelberg security game model, within which we explicitly capture the indirect spread of damages due either to malicious attacks or unintended failures. We proceed to specify a particular simple, yet natural model of damage spread based on a graphical representation of asset interdependencies coupled with an independent failure cascade model. For the general model, we present an algorithm based on submodularity of the attacker’s decision problem, in combination with local search, to approximate optimal security resource allocation across the assets, and show experimentally that our algorithm is far more scalable than an alternative exact approach, yields nearly optimal results, and offers substantial improvement over a well-known heuristic alternative. We then show that in a particular important special case we can compute optimal security policies exactly and efficiently. We proceed to apply our framework to study comparative network resilience, unifying previously disparate strands of research in the area, and to offer insights into other aspects of the interdependent security problem.

Vorheriger Artikel Coordinated inductive learning using argumentation-based communication

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

The idea that the follower breaks ties in the leader’s favor may seem strange in the context of security games. However, note that the leader can make the follower strictly prefer the corresponding action by a slight change in his randomized policy.

Note that it is direct to replace these choices by arbitrary different constants

We assume here that both the defender and attacker share the same uncertainty about the network. An alternative model could consider an attacker that has more (or exact) information about the network. The resulting defender problem would become a Bayesian Stackelberg game.

There are a plethora of minor variations on this general heuristic, but the performance of the best tends to be similar to this baseline.

Albert, R., Jeong, H., & Barabasi, A. L. (2000). Error and attack tolerance of complex networks. Nature, 406, 378–382.CrossRef

Anderson, R. J. (2008). Security Engineering (2nd ed.). New York: Wiley.

August, T., & Tunca, T. I. (2011). Who should be responsible for software security? A comparative analysis of liability policies in network environments. Management Science, 57(5), 934–959.CrossRefMATH

Avenhaus, R., von Stengel, B., & Zamir, S. (2002). Inspection games. In S. Hart (Ed.), Handbook of game theory (pp. 1947–1987). Amsterdam: Elsevier Science Publishers.

Brown, G., Carlyle, M., Salmeron, J., & Wood, K. (2006). Defending critical infrastructure. Interfaces, 36(6), 530–544.CrossRef

Brown, G. G., Carlyle, W. M., Harney, R. C., Skroch, E. M., & Wood, R. K. (2009). Interdicting a nuclear-weapons project. Operations Research, 57(4), 866–877.CrossRefMATH

Cavusoglo, H., Mishra, B., & Raghunathan, S. (2004). A model for evaluating IT security investments. Communications of the ACM, 47(7), 87–92.CrossRef

Cavusoglu, H., & Raghunathan, S. (2004). Configuration of detection software: A comparison of decision and game theory approaches. Decision Analysis, 1(3), 131–148.CrossRef

Cavusoglu, H., Mishra, B., & Raghunathan, S. (2005). The value of intrusion detection systems in information technology security architecture. Informations Systems Research, 16(1), 28–46.CrossRef

10.

Cavusoglu, H., Cavusoglu, H., & Zhang, J. (2008). Security patch management: Share the burden or share the damage. Management Science, 54(4), 657–670.CrossRef

11.

Cavusoglu, H., Raghunathan, S., & Cavusoglu, H. (2009). Configuration of and interaction between information security technologies: The case of firewalls and intrusion detection systems. Informations Systems Research, 20(2), 198–217.CrossRef

12.

CERT (1999). Frequently asked questions about the melissa virus. CERT Program at Software Engineering Institute. Carnegie Mellon University. http://www.cert.org/tech_tips/Melissa_FAQ.html.

13.

Conitzer, V., & Korzhyk, D. (2011). Commitment to correlated strategies. In Twenty-fifth national conference on artificial intelligence (pp. 632–637).

14.

Conitzer, V., & Sandholm, T. (2006). Computing the optimal strategy to commit to. In Seventh ACM Conference on Electronic Commerce (pp. 82–90).

15.

Cormican, K. J., Morton, D. P., & Wood, R. K. (1998). Stochastic network interdiction. Operations Research, 46(2), 184–197.CrossRefMATH

16.

Cremonini, M., & Nizovtsev, D. (2006). Understanding and influencing attackers’ decisions: Implications for security investment strategies. In Workshop on the Economics of Information Security.

17.

Dodds, P. S., & Watts, D. J. (2005). A generalized model of social and biological contagion. Journal of Theoretical Biology, 232, 587–604.CrossRefMathSciNet

18.

Domingos, P. (1999). Metacost: A general method for making classifiers cost-sensitive. In ACM International Conference on Knowledge Discovery and Data Mining.

19.

Duggan, D. P., Thomas, S. R., Veitch, C. K. K., & Woodard, L. (2007). Categorizing threat: Building and using a generic threat matrix. Tech. rep., Sandia National Laboratories, sAND2007-5791.

20.

Energy Sector Control Systems Working Group (2011). Roadmap to achieve energy delivery systems cybersecurity. Energetics Inc. https://www.controlsystemsroadmap.net/ieRoadmap%20Documents/roadmap.pdf.

21.

Gallos, L. K., Liljeros, F., Argyrakis, P., Bunde, A., & Havlin, S. (2007). Improving immunization strategies. Physical Review E, 75(045), 104.

22.

Grossklags, J., Christin, N., & Chuang, J. (2008). Secure or insure? A game-theoretic analysis of information security games. In Seventeenth international world wide web conference (pp. 209–218).

23.

Jain, M., Kardes, E., Kiekintveld, C., Tambe, M., & Ordonez, F. (2010a). Security games with arbitrary schedules: A branch and price approach. In Twenty-fourth national conference on artificial intelligence.

24.

Jain, M., Tsai, J., Pita, J., Kiekintveld, C., Rathi, S., Tambe, M., et al. (2010b). Software assistants for randomized patrol planning for the lax airport police and the federal air marshal service. Interfaces, 40, 267–290.CrossRef

25.

Jain, M., Korzhyk, D., Vanek, O., Conitzer, V., Pechoucek, M., & Tambe, M. (2011). A double oracle algorithm for zero-sum security games on graphs. In Tenth international conference on autonomous agents and multiagent systems.

26.

Kempe, D., Kleinberg, J. M., & Éva, T. (2003). Maximizing the spread of influence in a social network. In Ninth ACM SIGKDD international conference on knowledge discovery and data mining (pp. 137–146).

27.

Kiekintveld, C., Jain, M., Tsai, J., Pita, J., Ordóñez, F., & Tambe, M. (2009). Computing optimal randomized resource allocations for massive security games. In Proceedings of the eighth international conference on autonomous agents and multiagent systems.

28.

Korzhyk, D., Conitzer, V., & Parr, R. (2010). Complexity of computing optimal stackelberg strategies in security resource allocation games. In In AAAI-10.

29.

Krutz, R., & Vines, R. D. (2001). The CISSP Prep Guide. New York: Wiley Computer Publishing.

30.

Kunreuther, H., & Heal, G. (2003). Interdependent security. Journal of Risk Uncertainty, 26(2–3), 231–249.CrossRefMATH

31.

Lee, W., Miller, M., Stolfo, S., Jallad, K., Park, C., Zadok, E., et al. (2002). Toward cost-sensitive modeling for intrusion detection. Journal of Computer Security, 10(1/2), 5–22.

32.

Letchford, J., & Conitzer, V. (2010). Computing optimal strategies to commit to in extensive-form games. In Eleventh ACM conference on electronic commerce. ACM, New York, NY, USA, EC ’10, pp. 83–92.

33.

Letchford, J., & Vorobeychik, Y. (2012). Computing optimal security strategies for interdependent assets. In Twenty-eighth conference on uncertainty in artificial intelligence.

34.

Miller, J. C., & Hyman, J. M. (2007). Effective vaccination strategies for realistic social networks. Physica A, 386, 780–785.CrossRef

35.

MITRE (2012). Common attack pattern enumeration and classification. http://capec.mitre.org/.

36.

Mounzer, J., Alpcan, T., & Bambos, N. (2010). Integrated security risk management for IT-intensive organizations. In Sixth international conference on information assurance and security (pp. 329–334).

37.

Nehme, M. V. (2009). Two-person games for stochastic network interdiction: Models, methods, and complexities. PhD thesis, The University of Texas at Austin.

38.

Nemhauser, G., Wolsey, L., & Fisher, M. (1978). An analysis of the approximations for maximizing submodular set functions. Mathematical Programming, 14, 265–294.CrossRefMATHMathSciNet

39.

Newman, M. (2010). Networks: An Introduction. Oxford: Oxford University Press.CrossRef

40.

Ogut, H., Menon, N., & Raghunathan, S. (2005). Cyber insurance and IT security investments: Impact of interdependent risk. In Workshop on the economics of information security.

41.

Ogut, H., Cavusoglu, H., & Raghunathan, S. (2008). Intrusion-detection policies for IT security breaches. Informs Journal on Computing, 20(1), 112–123.CrossRef

42.

Of Oregon Route Views Project U (2013). Online data and reports. http://www.routeviews.org.

43.

Paruchuri, P., Pearce, J.P., Marecki, J., Tambe, M., Ordóñez, F., & Kraus, S. (2008). Playing games with security: An efficient exact algorithm for Bayesian Stackelberg games. In Proceedings of the seventh international conference on autonomous agents and multiagent systems (pp. 895–902).

44.

Pastor-Satorras, R., & Vespignani, A. (2002). Immunization of complex networks. Physcal Review E, 65(036), 104.

45.

Pita, J., Jain, M., Ordóñez, F., Portway, C., Tambe, M., Western, C., et al. (2009). Using game theory for los angeles airport security. AI Magazine, 30(1), 43–57.

46.

Provost, F., & Fawcett, T. (1997). Analysis and visualization of classifier performance: Comparison under imprecise class and cost distributions. In KDD (pp. 43–48).

47.

Roberson, B. (2006). The colonel Blotto game. Economic Theory, 29, 1–24.CrossRefMATHMathSciNet

48.

Rosencrance, L. (2002). Melissa virus author sentenced. PC World. http://www.pcworld.com/article/97964/melissa_virus_author_sentenced.html.

49.

Shieh, E., Yang, R., Tambe, M., Baldwin, C., DiRenzo, J., Maule, B., & Meyer, G. (2012). PROTECT: A deployed game theoretic system to protect the ports of the United States. In Proceedings of the eleventh international conference on autonomous agents and multiagent systems (pp 13–20).

50.

Soramaki, K., Bech, M. L., Arnold, J., Glass, R. J., & Beyeler, W. (2007). The topology of interbank payment flows. Physica A, 379, 317–333.CrossRef

51.

Stamp, J. E., Laviolette, R. A., Phillips, L. R., & Richardson, B. T. (2009). Final report: Impacts analysis for cyber attack on electric power systems. Sandia National Laboratories Technical, Report, SAND2009-1673.

52.

von Stengel, B., & Zamir, S. (2010). Leadership games with convex strategy sets. Games and Economic Behavior, 69(2), 446–457.CrossRefMATHMathSciNet

53.

Tsai, J., Yin, Z., Kwak, J. Y., Kempe, D., Kiekintveld, C., & Tambe, M. (2010). Urban security: Game-theoretic resource allocation in networked physical domains. In Twenty-fourth national conference on artificial intelligence.

54.

Tsai, J., Nguyen, T. H., & Tambe, M. (2012). Security games for controlling contagion. In Twenty-sixth national conference in artificial intelligence, to appear.

55.

Ulvila, J. W., & Gaffney, J. E. (2004). A decision analysis method for evaluating computer intrusion detection systems. Decision Analysis, 1(1), 35–50.CrossRef

56.

Vorobeychik, Y., & Wellman, M. P. (2008). Stochastic search methods for Nash equilibrium approximation in simulation-based games. In Seventh international conference on autonomous agents and multiagent systems (pp. 1055–1062).

57.

Wood, R. K. (1993). Deterministic network interdiction. Mathematical Computer Modelling, 17(2), 1–18.CrossRefMATH

58.

Woodruff, D. L. (Ed.). (2003). Network interdiction and stochastic integer programming. Dordrecht: Kluwer Academic Publishers.MATH

59.

Yue, W. T., & Bagchi, A. (2003). Tuning the quality parameters of a firewall to maximize net benefit. In International workshop on distributed computing (pp 321–329).

60.

Zhuang, J., & Bier, V. (2007). Balancing terrorism and natural disasters–Defensive strategy with endogenous attacker effort. Operations Research, 55(5), 976–991.CrossRefMATHMathSciNet

Titel: Securing interdependent assets
verfasst von: Yevgeniy Vorobeychik
Joshua Letchford
Publikationsdatum: 01.03.2015
Verlag: Springer US
Erschienen in: Autonomous Agents and Multi-Agent Systems / Ausgabe 2/2015
Print ISSN: 1387-2532
Elektronische ISSN: 1573-7454
DOI: https://doi.org/10.1007/s10458-014-9258-0

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"

Weitere Artikel der Ausgabe 2/2015

Coordinated inductive learning using argumentation-based communication

Agent vision in multi-agent based simulation systems

Market manipulation with outside incentives

Dynamically generated commitment protocols in open systems