Game theory for network security

IEEE Communications Surveys and Tutorials

Volumn 15, Issue 1, 2013, Pages 472-486

  Liang, Xiannuan ^a   Xiao, Yang ^a  

^a Department of Computer Science   (United States)

Author keywords

Attack defense; Game theory; Network security; Security assessment

Indexed keywords

APPLICATION SCENARIO; ATTACK-DEFENSE; COOPERATIVE GAME; FUTURE RESEARCH DIRECTIONS; GAME MODELS; GAME-THEORETIC; INFORMATION ACCESS; NETWORK ATTACK; NETWORK RESOURCE; NETWORK SECURITY PROBLEMS; NONCOOPERATIVE GAME; SECURITY ASSESSMENT; SECURITY ISSUES; SECURITY MEASUREMENT; STATE OF THE ART;

COMPUTER CRIME; GAME THEORY; INFORMATION RETRIEVAL;

NETWORK SECURITY;

EID: 84873690107     PISSN: None     EISSN: 1553877X     Source Type: Journal    
DOI: 10.1109/SURV.2012.062612.00056     Document Type: Article

References (80)

1. "Security focus," security focus bugtraq vulnerability notification database, 2009. Available: http://www.securityfocus.com/archive.
2. "US-CERT," United States Computer Emergency Readiness Team, 2009. Available: http://www.us-cert.gov.
3. Y. Zhang, Y. Xiao, K. Ghaboosi, J. Zhang, and H. Deng, "A Survey of Cyber Crimes," (Wiley Journal of) Security and Communication Networks, Vol. 5, No. 4, pp. 422-437, Apr. 2012.
4. R. Bace and P. Mell. Intrusion detection systems. NIST Special Publication on Intrusion Detection Systems. Available:http://www.snort.org/docs/ nist-ids.pdf.
5. T. Alpcan and T. Baser, "A game theoretic analysis of intrusion detection in access control systems," Proc. 43rd IEEE Conference on Decision and Control, Vol. 2, pp. 1568-1573,2004. (Pubitemid 40291179)
6. M. Bloem, T. Alpcan, and T. Basar, "Intrusion response as a resource allocation problem,". IEEE Conference on Descision and Control, pp. 6283-6288, 2006. (Pubitemid 351283649)
7. M. Li, I. Koutsopoulos, and R. Poovendran, "Optimal jamming attacks and network defense policies in wireless sensor networks," In Proc. IEEE International Conference on Computer Communications (INFOCOM), pp. 1307 - 1315, 2007. (Pubitemid 47334355)
8. T. Alpcan and T. Baser, "An intrusion detection game with limited observations," Proc. 12th Int. Symp. on Dynamic Games and Applications, 2006. Available: http://www.tansu.alpcan.org/papers/isdg06.pdf.
9. S. N. Hamilton, W. L. Miller, A. Ott, and O. S. Saydjari, "The role of game theory in information warfare," Proc. 4th information survivability workshop (ISW-2001/2002), 2002. Available: http://www.cert.org/research/isw/ isw2001/papers/index.html.
10. Security measurement- white paper, http://www.psmsc.com/Downloads/ TechnologyPapers/SecurityWhitePaper v3.0.pdf.
11. W. He, C. Xia, H. Wang, C. Zheng, and Y. Ji, "A game theoretical attack-defense model oriented to network security risk assessment," 2008 International Conference on Computer Science and Software Engineering, pp. 498 - 504, 2008.
12. G. Owen, Game Theory. Academic Press, 3rd edition, 2001.
13. R. Gibbons, Game Theory for Applied Economists. Princeton University Press, 1992.
14. M. J. Obsborne and A. Rubinstein, A course in game theory. MIT Press, 1994.
15. D. Zamboni, "Using internal sensors for computer intrusion detection," Ph.D. dissertation, Purdue University, August 2001.
16. A. Patcha and J. Park, "A game theoretic approach to modeling intrusion detection in mobile ad hoc networks," Proc. 2004 IEEE workshop on Information Assurance and Security, pp. 280 - 284, 2004. (Pubitemid 40442803)
17. J. Jormakka and J. V. E. Molsa, "Modelling information warfare as a game," Journal of Information Warfare, Vol. 4(2), pp. 12-25, 2005.
18. Y. Liu, C. Comaniciu, and H. Man, "A bayesian game approach for intrusion detection in wireless ad hoc networks," In Proc. 2006 workshop on Game theory for communications and networks, 2006.
19. L. Chen and J. Leneutre, "A game theoreticcal framework on intrusion detection in heterogeneous networks," IEEE Trans. Inf. Forens. Security, Vol. 4, No. 2, pp. 165-178, June 2009.
20. M. Fallah, "A Puzzle-based defense strategy against flooding attacks using game theory," IEEE Transactions on Dependable and Secure Computing, Vol. 7, No. 1, pp. 5-19, 2010.
21. K. Lye and J. Wing, "Game strategies in network security," International Journal of Information Security, Vol. 4, No. 1-2, pp. 71-86, 2005. (Pubitemid 40347202)
22. C. Xiaolin, T. Xiaobin, Z. Yong, and X. Hongsheng, "A markov game theory-based risk assessment model for network information systems," International conference on computer science and software engineering, Vol. 3, pp. 57-61, 2008.
23. K. C. Nguyen, T. Alpcan, and T. Basar, "Security Games with Incomplete Information," Proc. 2009 IEEE International Conference on Communications (ICC 2009), Dresden, Germany, pp. 1-6, June 2009.
24. Z. Chen, "Modeling and defending against internet worm attacks," PhD Dissertation at Georgia Institute Of Technology, 2007.
25. L. Carin, G. Cybenko, and J. Hughes, "Cybersecurity strategies: the QuERIES methodology," IEEE Computer, Vol. 41, Issue 8, pp. 20-26, 2008.
26. K. Sallhammar, B. Helvik, and S. Knapskog, "On stochastic modeling for integrated security and dependability evaluation," Journal of Networks, Vol. 1, No. 5, pp. 31-42, September 2006.
27. A. Avizienis, J.-C. Laprie, B. Randell, and C. Landwehr, "Basic concepts and taxonomy of dependable and secure computing," IEEE Trans. Dependable Secure Computing, Vol. 1, Issue 1, pp. 11-33, January-March 2004. (Pubitemid 40134576)
28. John A. Buzacot, "Markov approach to finding failure times of repairable systems" IEEE Trans. Reliab., Vol. R-19, Issue 4, pp. 128- 134, November 1970.
29. K. Sallhammar, S. Knapskog, and B. Helvik, "Using stochastic game theory to compute the expected behavior of attackers," In Proc. 2005 International Symposiu on Applications and the Internet Workshops (Saint2005), pp. 102-105, 2005. (Pubitemid 46402089)
30. K. Sallhammar, B. Helvik, and S. Knapskog, "Towards a stochastic model for integrated security and dependability evaluation," In Proc. First International Conference on Availability, Reliability and Security (AReS), 2006. Available: http://www.sis.pitt.edu/?dtipper/3957/Paper11.pdf.
31. H. Wang, Y. Liang, and X. Liu, "Stochastic game theoretic method of quantification for network situational awareness," In Proc. 2008 International Conference on Internet Computing in Science and Engineering, pp. 312-316, 2008.
32. S. Roy, C. Ellis, S. Shiva, D. Dasgupta, V. Shandilya and O. Wu, "A survey of game theory as applied to network security," In Proc. 43rd Hawaii International Conference on System Science, pp. 1-10, 2010.
33. P. Liu, W. Zang, and M. Yu, "Incentive-based modeling and inference of attacker intent, objectives, and strategies," ACM Trans. Information and System Security (TISSEC), Vol. 8, Issue 1, pp. 78-118, 2005. (Pubitemid 40479430)
34. J. Filar and K. Vrieze, Competitive Markov decision processes. Springer, Berlin Heidelberg. New York, 1996.
35. L. Shapley, "Stochastic games," Proc. National Academy of Science USA, Vol. 39, Issue 10, pp, 1095-1100.
36. K. C. Nguyen, T. Alpcan, and T. Basar, "Stochastic games for security in networks with interdependent nodes," Proc. Intl. Conf. on Game Theory for Networks (GameNets), pp. 697-703, 2009.
37. K. Sallhammar, B. Helvik, and S. Knapskog, "A framework for predicting security and dependability measure in real-time," International Journal of Computer Science and Network Security, Vol. 7 No. 3, pp. 169-183, March 2007.
38. D. Fudenberg and J. Tirole, Game Theory. Cambridge. MA: MIT Press, 2002.
39. K. C. Nguyen, T. Alpcan, and T. Basar, "Security games with incomplete information," Proc. IEEE Intl. Conf. on Communications (ICC), pp. 1-6, 2009.
40. X. You and Z. Shiyong, "A kind of network security behavior model based on game theory," Proc. Fourth International Conference on Parallel and Distributed Computing, Applications and Technologies, pp. 950-954, 2003.
41. H. Greenberg.,"How to analyse the results of linear program- part 3: infeasibility diagnoses," interfaces, Vol. 23, No. 6, pp. 120-139, 1993.
42. Y. Luo, F. Szidarovszky, Y. Al-Nashif, and S. Hariri, "Game Theory Based Network Security," Journal of Information Security, Vol. 1, pp. 41-44, 2010.
43. W. Saad, T. Alpcan, T. Basar and A. Hjørungnes, "Coalitional game theory for security risk management," In Proc. 5th Intl. Conf. on Internet Monitoring and Protection, pp. 35-40, 2010.
44. P. Bommannavar, T. Alpan and N. Bambos, "Security Risk Management via Dynamic Games with Learning," IEEE International Conference on Communications, pp. 1-6, 2011.
45. J. Grossklags, B. Johnson and N. Christin, "When information improves information security," In Proc. 2010 Financial Cryptography Conference (FC'10), 2010. Available: http://people.ischool.berkeley.edu/? johnsonb/Welcome files/When Information Improves 10.pdf.
46. J. Grossklags, N. Christin, and J. Chuang, "Secure or insure? A gametheoretic analysis of information security games," In Proc. 2008 World Wide Web Conference (WWW'08), pp. 209-218, 2008.
47. L. Jiang and V. Anantharam, "How bad are selfish Investments in network security?" IEEE/ACM Trans. Netw., Vol. 19, No. 2, pp. 549- 560, 2011.
48. Y. Sagduyu, R. Berry and A. Ephremides, "Jamming games in wireless networks with incomplete information," IEEE Commun. Mag., Vol. 49, Issue 8, pp. 112-118, 2011.
49. J. S. Shamma and G. Arslan, "Dynamic fictitious play, dynamic gradient play, and distributed convergence to Nash equilibria," IEEE Trans. Autom. Control, Vol. 50, No. 3, pp. 312-327, Mar. 2005. (Pubitemid 40448583)
50. E. Koutsoupias and C. H. Papadimitriou, "Worst-case equilibria," Annual Symposium on Theoretical Aspects of Computer Science, pp. 404-413, 1999.
51. H. Chen and B. Sun, "Editorial," International Journal of Security and Networks, Vol. 6 Nos. 2/3, 2011, pp. 65-66.
52. M. Barua, X. Liang, R. Lu, X. Shen, "ESPAC: Enabling Security and Patient-centric Access Control for eHealth in cloud computing, " International Journal of Security and Networks, Vol. 6 Nos. 2/3, 2011, pp. 67-76.
53. N. Jaggi, U. M. Reddy, and R. Bagai, "A Three Dimensional Sender Anonymity Metric," International Journal of Security and Networks, Vol. 6 Nos. 2/3, 2011, pp. 77-89.
54. M. J. Sharma and V. C. M. Leung, "Improved IP Multimedia Subsystem Authentication Mechanism for 3G-WLAN Networks," International Journal of Security and Networks, Vol. 6 Nos. 2/3, 2011, pp. 90-100.
55. N. Cheng, K. Govindan, and P. Mohapatra, "Rendezvous Based Trust Propagation to Enhance Distributed Network Security," International Journal of Security and Networks, Vol. 6 Nos. 2/3, 2011, pp. 101-111.
56. A. Fathy, T. ElBatt, and M. Youssef, "A Source Authentication Scheme Using Network Coding," International Journal of Security and Networks, Vol. 6 Nos. 2/3, 2011, pp. 112-122.
57. L. Liu, Y. Xiao, J. Zhang, A. Faulkner, and K. Weber, "Hidden Information in Microsoft Word," International Journal of Security and Networks, Vol. 6 Nos. 2/3, 2011, pp. 123-135.
58. S. S.M. Chow and S. Yiu, "Exclusion-Intersection Encryption," International Journal of Security and Networks, Vol. 6 Nos. 2/3, 2011, pp. 136-146.
59. D. Walker and S. Latifi, "Partial Iris Recognition as a Viable Biometric Scheme," International Journal of Security and Networks, Vol. 6 Nos. 2-3, 2011, pp. 147-152.
60. A. Desoky, "Edustega: An Education-Centric Steganography Methodology," International Journal of Security and Networks, Vol. 6 Nos. 2-3, 2011, pp. 153-173.
61. N. Ampah, C. Akujuobi, S. Alam, and M. Sadiku, "An intrusion detection technique based on continuous binary communication channels," International Journal of Security and Networks, Vol. 6 Nos. 2-3, 2011, pp. 174-180.
62. T. Choi, H.B. Acharya, and M. G. Gouda, "Is that you? Authentication in a network without identities," International Journal of Security and Networks, Vol. 6 No. 4, 2011, pp. 181-190.
63. Q. Chai and G. Gong, "On the (in) security of two Joint Encryption and Error Correction schemes," International Journal of Security and Networks, Vol. 6, No. 4, 2011, pp. 191 - 200.
64. S. Tang and W. Li, "An epidemic model with adaptive virus spread control for Wireless Sensor Networks," International Journal of Security and Networks, Vol. 6, No. 4, 2011, pp. 201 - 210.
65. G. Luo and K.P. Subbalakshmi, "KL-sense secure image steganography," International Journal of Security and Networks, Vol. 6, No. 4, 2011, pp. 211 - 225.
66. W. Chang, J. Wu, and C. C. Tan, "Friendship-based location privacy in Mobile Social Networks," International Journal of Security and Networks, Vol. 6, No. 4, 2011, pp. 226 - 236.
67. X. Zhao, L. Li, and G. Xue, "Authenticating strangers in Online Social Networks," International Journal of Security and Networks, Vol. 6, No. 4, 2011, pp. 237 - 248.
68. B. Sun, F. Yu, K. Wu, Y. Xiao, V. C. M. Leung, "Enhancing Security using Mobility-Based Anomaly Detection in Cellular Mobile Networks," IEEE Trans. Veh. Technol., Vol. 55, No. 4, July 2006, pp.1385-1396. (Pubitemid 44111432)
69. B. Sun, L. Osborne, Y. Xiao, and S. Guizani, "Intrusion Detection Techniques in Mobile Ad Hoc and Wireless Sensor Networks," IEEE Wireless Commun. Mag., Special Issue on Security in Wireless Mobile Ad Hoc and Sensor Networks, Oct. 2007, pp. 56-63. (Pubitemid 350231654)
70. B. Sun, K. Wu, Y. Xiao, and R. Wang, "Integration of mobility and intrusion detection for wireless Ad Hoc networks," (Wiley) International Journal of Communication Systems, Vol. 20, No. 6, pp. 695-721, Jun. 2007. (Pubitemid 46959707)
71. B. Sun, Y. Xiao, and R. Wang, "Detection of Fraudulent Usage in Wireless Networks," IEEE Trans. Veh. Technol., Vol. 56, No.6, Nov. 2007, pp. 3912 - 3923. (Pubitemid 350201083)
72. B. Sun, Y. Xiao, and K. Wu, "Intrusion Detection in Cellular Mobile Networks," Wireless Network Security, Springer, 2007, ISBN-10 0-387- 28040-5, ISBN-13 978-0-387-28040-5, Chapter 8, pp. 183-210.
73. F. Hu, Y. Malkawi, S. Kumar, and Y. Xiao, "Vertical and Horizontal Synchronization Services with Outlier Detection in Underwater Sensor Networks," (Wiley) Wireless Communications and Mobile Computing (WCMC), John Wiley & Sons, Vol. 8, No. 9, Nov. 2008, pp. 1165 - 1181.
74. S. Ozdemir and Y. Xiao, "Outlier Detection Based Fault Tolerant Data Aggregation for Wireless Sensor Networks," Proc. 5th International Conference on Application of Information and Communication Technologies (AICT2011).
75. B. Sun, X. Jin, Y. Xiao, and R. Wang, "Enhancing Security using Mobility Profile for Wireless Networks," Proc. GLOBECOM 2006.
76. B. Sun, Y. Xiao, R. Wang, and S. Guizani, "Enhancing Security using Calling Activity for Wireless Networks," Proc. GLOBECOM 2006.
77. B. Sun, N. Chand, K. Wu, and Y. Xiao, "Change-Point Monitoring for Secure In-Network Aggregation in Wireless Sensor Networks," Proc. IEEE GLOBECOM 2007, pp. 936-940. (Pubitemid 351259168)
78. B. Sun, X. Jin, K. Wu, and Y. Xiao, "Integration of Secure In-Network Aggregation and System Monitoring for Wireless Sensor Networks," Proc. IEEE ICC 2007, pp. 1466- 1471. (Pubitemid 351145742)
79. X. Liang and Y. Xiao, "Bio-inspired True Coalition Formation on Intrusion Detection by Mobile Robots," Proc. CollaborateCom09.
80. X. Liang and Y Xiao, "Studying Bio-inspired Coalition Formation of Robots for Detecting Intrusions Using Game Theory," IEEE Trans. Syst. Man Cybern., Part B, Special Issue on Game Theory, Vol. 40, No. 3, June 2010, pp. 683-693.