Sajjan G. Shiva

A Survey of Game Theory as Applied to Network Security

Network security is a complex and challenging problem. The area of network defense mechanism design is receiving immense attention from the research community for more than two decades. However, the network security problem is far from completely solved. Researchers have been exploring the applicability of game theoretic approaches to address the network security issues and some of these approaches look promising. This paper surveys the existing game theoretic solutions which are designed to enhance network security and presents a taxonomy for classifying the proposed solutions. This taxonomy should provide the reader with a better understanding of game theoretic solutions to a variety of cyber security problems.

Game theory for cyber security

While there are significant advances in information technology and infrastructure which offer new opportunities, cyberspace is still far from completely secured. In many cases, the employed security solutions are ad hoc and lack a quantitative decision framework. While they are effective in solving the particular problems they are designed for, they generally fail to respond well in a dynamically changing scenario. To this end, we propose a holistic security approach in this paper. We find that game theory provides huge potential to place such an approach on a solid analytical setting. We consider the interaction between the attacks and the defense mechanisms as a game played between the attacker and the defender (system administrator). In particular, we propose a game theory inspired defense architecture in which a game model acts as the brain. We focus on one of our recently proposed game models, namely imperfect information stochastic game. Although this game model seems to be promising, it also faces new challenges which warrant future attention. We discuss our current ideas on extending this model to address such challenges.

On modeling and simulation of game theory-based defense mechanisms against DoS and DDoS attacks

As cyber attacks continue to grow in number, scope, and severity, the cyber security problem has become increasingly important and challenging to both academic researchers and industry practitioners. We explore the applicability of game theoretic approaches to the cyber security problem with focus on active bandwidth depletion attacks. We model the interaction between the attacker and the defender as a two-player non-zero-sum game in two attack scenarios: (i) one single attacking node for Denial of Service (DoS) and (ii) multiple attacking nodes for Distributed DoS (DDoS). The defenders challenge is to determine optimal firewall settings to block rogue traffics while allowing legitimate ones. Our analysis considers the worst-case scenario where the attacker also attempts to find the most effective sending rate or botnet size. In either case, we build both static and dynamic game models to compute the Nash equilibrium that represents the best strategy of the defender. We validate the effectiveness of our game theoretic defense mechanisms via extensive simulation-based experiments using NS-3.

Securing cloud infrastructure against co-resident DoS attacks using game theoretic defense mechanisms

Evolution in cloud services and infrastructure has been constantly reshaping the way we conduct business and provide services in our day to day lives. Tools and technologies created to improve such cloud services can also be used to impair them. By using generic tools like nmap, hping and wget, one can estimate the placement of virtual machines in a cloud infrastructure with a high likelihood. Moreover, such knowledge and tools can also be used by adversaries to further launch various kinds of attacks. In this paper we focus on one such specific kind of attack, namely a denial of service (DoS), where an attacker congests a bottleneck network channel shared among virtual machines (VMs) coresident on the same physical node in the cloud infrastructure. We evaluate the behavior of this shared network channel using Click modular router on DETER testbed. We illustrate that game theoretic concepts can be used to model this attack as a two-player game and recommend strategies for defending against such attacks.

Software Reuse: Research and Practice

It has been more than three decades since the idea of software reuse was proposed. Many success stories have been told, yet it is believed that software reuse is still in the development phase and has not reached its full potential. How far are we with software reuse research and practice? This paper is an attempt to answer this question

Game theory-based defense mechanisms against DDoS attacks on TCP/TCP-friendly flows

While there are significant advances in information technology and infrastructure which offer new opportunities, cyberspace is still far from completely secured. In many cases, the employed security solutions are ad hoc and lack a quantitative decision framework. To this end, game theory poses huge potential in building a defense architecture based on a solid analytical setting. In this paper, we explore the applicability of game theoretic approaches to the cyber security problem while keeping the focus on active bandwidth depletion attacks on TCP/TCP-friendly flows. We model the interaction between the attacker and the defender as a game in two attack scenarios: (i) one single attacking node for Denial of Service (DoS) and (ii) multiple attacking nodes for Distributed DoS (DDoS). The defenders challenge is to determine optimal firewall settings to block rogue traffic while allowing legitimate ones. Our analysis considers the worst-case scenario where the attacker also attempts to find the most effective sending rate or botnet size. In either case, we build a static game model to compute the Nash equilibrium that represents the best strategy for the defender. We validate the effectiveness of our game theoretic defense mechanisms via extensive simulation.

Computer hardware description languages—A tutorial

Just as software designers use high level languages (HLL) to express the algorithms in terms of language statements, digital hard-ware designers use hardware description languages (HDL) to describe the system they are designing. Although HDLs were originated as a medium of precise yet concise description of digital hardware, they have found a variety of applications such as generating user manuals, teaching logic design, acting as an input medium for an automatic design system, etc. This tutorial paper introduces HDLs as useful tools for hardware design and documentation. The capabilities and limitations of HDLs are discussed, along with the guidelines to select an HDL. The directions for future work and an extensive bibliography are provided.

Modular Description/Simulation/Synthesis using DDL

With the increased complexity of integrated circuits, a true top-down methodology is mandatory in their design. A construct that enables a modular description of a system design is added to DDL. The Translator, Simulator and Synthesis Software has been modified to retain this modularity throughout the design cycle. These enhancements allow a multi-level simulation and multi-technology synthesis of an integrated circuit.

Flip-Flops for Multiple-Valued Logic

A family of multiple-valued (MV) electronic memory elements, referred to herein as flip-flops, is presented along with a system of MV algebra upon which they are based. These MV flip-flops are compared to binary flip-flops. MV asynchronous set-clear flip-flops and synchronous set-clear, D-type, JK, and modulo N counter flip-flops are presented, their next-state equations are derived, and they are shown to have desirable properties for use in MV sequential circuits. Experimental results and schematic diagrams are presented for a level restoring three-valued logic gate, the clocked set-clear flip-flop, and an example synchronous sequential circuit.

Use of Attack Graphs in Security Systems

Attack graphs have been used to model the vulnerabilities of the systems and their potential exploits. The successful exploits leading to the partial/total failure of the systems are subject of keen security interest. Considerable effort has been expended in exhaustive modeling, analyses, detection, and mitigation of attacks. One prominent methodology involves constructing attack graphs of the pertinent system for analysis and response strategies. This not only gives the simplified representation of the system, but also allows prioritizing the security properties whose violations are of greater concern, for both detection and repair. We present a survey and critical study of state-of-the-art technologies in attack graph generation and use in security system. Based on our research, we identify the potential, challenges, and direction of the current research in using attack graphs.