Network Security A Decision and Game-Theoretic Approach



Similar documents
Intrusion Detection: Game Theory, Stochastic Processes and Data Mining

6.254 : Game Theory with Engineering Applications Lecture 1: Introduction

A Game Theoretical Framework on Intrusion Detection in Heterogeneous Networks Lin Chen, Member, IEEE, and Jean Leneutre

Towards a compliance audit of SLAs for data replication in Cloud storage

Enhancing Wireless Security with Physical Layer Network Cooperation

Techniques for Supporting Prediction of Security Breaches in. Critical Cloud Infrastructures Using Bayesian Network and. Markov Decision Process

Control Systems with Actuator Saturation

Revenue Management and Survival Analysis in the Automobile Industry

A Game Theoretical Framework for Adversarial Learning

Forecasting and Hedging in the Foreign Exchange Markets

Network Security Validation Using Game Theory

Detection. Perspective. Network Anomaly. Bhattacharyya. Jugal. A Machine Learning »C) Dhruba Kumar. Kumar KaKta. CRC Press J Taylor & Francis Croup

Modeling Internet Security Investments Tackling Topological Information Uncertainty

Game Theory Meets Network Security and Privacy

Software Performance and Scalability

COPYRIGHTED MATERIAL. Contents. List of Figures. Acknowledgments

Univariate and Multivariate Methods PEARSON. Addison Wesley

Intrusion Detection via Machine Learning for SCADA System Protection

Advanced Signal Processing and Digital Noise Reduction

About the Authors Preface Acknowledgements List of Acronyms

Cloud Computing. and Scheduling. Data-Intensive Computing. Frederic Magoules, Jie Pan, and Fei Teng SILKQH. CRC Press. Taylor & Francis Group

The Master s Degree with Thesis Course Descriptions in Industrial Engineering

TUSKEGEE CYBER SECURITY PATH FORWARD

How will the programme be delivered (e.g. inter-institutional, summerschools, lectures, placement, rotations, on-line etc.):

Computational Learning Theory Spring Semester, 2003/4. Lecture 1: March 2

Companies often face nonstationary demand due to product life cycles and seasonality, and nonstationary

Message-passing sequential detection of multiple change points in networks

Dong-Ping Song. Optimal Control and Optimization. of Stochastic. Supply Chain Systems. 4^ Springer

Dynamic Modeling, Predictive Control and Performance Monitoring

NEURAL NETWORKS A Comprehensive Foundation

Probability and Statistics

Intrusion Detection. Jeffrey J.P. Tsai. Imperial College Press. A Machine Learning Approach. Zhenwei Yu. University of Illinois, Chicago, USA

Role of Anomaly IDS in Network

GAMES FOR BUSINESS AND ECONOMICS

A Game-Theoretic Model and Algorithm for Load Balancing in Distributed Systems

Bayesian Machine Learning (ML): Modeling And Inference in Big Data. Zhuhua Cai Google, Rice University

Intrusion Detection Systems

Cyber Security. BDS PhantomWorks. Boeing Energy. Copyright 2011 Boeing. All rights reserved.

Intrusion Forecasting Framework for Early Warning System against Cyber Attack

Applied mathematics and mathematical statistics

G= (I, S, U), (1) where G is a particular game, I is a finite set of players, S = {S i }, (2)

Learning outcomes. Knowledge and understanding. Competence and skills

UNCLASSIFIED/FOR OFFICIAL USE ONLY. Department of Homeland Security (DHS) Continuous Diagnostics & Mitigation (CDM) CDM Program Briefing

APPLIED MISSING DATA ANALYSIS

Data Mining for Network Intrusion Detection

Network Mission Assurance

Statistics Graduate Courses

Microsoft s cybersecurity commitment

International Journal of Computer Science Trends and Technology (IJCST) Volume 3 Issue 3, May-June 2015

Integration Misuse and Anomaly Detection Techniques on Distributed Sensors

Kalman Filter Applied to a Active Queue Management Problem

Contents. Intrusion Detection Systems (IDS) Intrusion Detection. Why Intrusion Detection? What is Intrusion Detection?

life science data mining

STA 4273H: Statistical Machine Learning

Introduction to Engineering System Dynamics

State of Vermont. Intrusion Detection and Prevention Policy. Date: Approved by: Tom Pelham Policy Number:

IEEE JAVA TITLES

About the Author. The Role of Artificial Intelligence in Software Engineering. Brief History of AI. Introduction 2/27/2013

Taxonomy of Intrusion Detection System

A TWO LEVEL ARCHITECTURE USING CONSENSUS METHOD FOR GLOBAL DECISION MAKING AGAINST DDoS ATTACKS

Practical Intrusion Analysis

ANALYTICS IN BIG DATA ERA

Security Optimization of Dynamic Networks with Probabilistic Graph Modeling and Linear Programming

Online Hidden Markov Model Parameter Estimation and Minimax Robust Quickest Change Detection in Uncertain Stochastic Processes

Of Threats and Costs: A Game-Theoretic Approach to Security Risk Management

Wireless Sensor Networks Chapter 14: Security in WSNs

Security Optimization of Dynamic Networks with Probabilistic Graph Modeling and Linear Programming

AN INTRODUCTION TO GAME THEORY

Model Combination. 24 Novembre 2009

Risk Management for IT Security: When Theory Meets Practice

List of Ph.D. Courses

CESG Certification of Cyber Security Training Courses

How To Prevent Network Attacks

Towards a Unifying Security Framework for Cyber- Physical Systems

Game Theory Meets Information Security Management

Transcription:

Network Security A Decision and Game-Theoretic Approach Tansu Alpcan Deutsche Telekom Laboratories, Technical University of Berlin, Germany and Tamer Ba ar University of Illinois at Urbana-Champaign, USA Щ CAMBRIDGE UNIVERSITY PRESS

Contents Preface Acknowledgments Artwork Notation page xii xv xvi xvii Part I Introduction Introduction 3 1.1 Network security 4 1.2 The approach 8 1.3 Motivating examples 13 1.3.1 Security games 13 1.3.2 Security risk-management 15 1.3.3 Optimal malware epidemic response 16 1.4 Discussion and further reading 18 Network security concepts 20 2.1 Networks and security threats 21 2.1.1 Networks and the World Wide Web 21 2.1.2 Security threats 23 2.2 Attackers, defenders, and their motives 27 2.2.1 Attackers 27 2.2.2 Defenders 28 2.3 Defense mechanisms 29 2.4 Security tradeoffs and risk-management 32 2.4.1 Security tradeoffs 32 2.4.2 Security risk-management 34 2.5 Discussion and further reading 34

viii Contents Part II Security games 37 3 Deterministic security games 39 3.1 Security game model 40 3.2 Intrusion detection games 43 3.2.1 Matrix games 43 3.2.2 Games with dynamic information 45 3.3 Sensitivity analysis 47 3.4 Modeling malicious behavior in social networks 48 3.5 Security games for vehicular networks 51 3.5.1 Vehicular network model 51 3.5.2 Attack and defense model 52 3.5.3 Game formulation and numerical analysis 53 3.6 Security games in wireless networks 56 3.6.1 Random access security games 57 3.6.2 Interference limited multiple access security games 63 3.7 Revocation games 66 3.7.1 Revocation game model 67 3.7.2 Sequential revocation games 68 3.7.3 Static revocation games 71 3.8 Discussion and further reading 72 4 Stochastic security games 74 4.1 Markov security games 75 4.1.1 Markov game model 76 4.1.2 Solving Markov games 77 4.2 Stochastic intrusion detection game 80 4.3 Security of interconnected systems 83 4.3.1 Analysis of an illustrative example 84 4.3.2 Linear influence models 86 4.4 Malware filter placement game 90 4.4.1 Stochastic game formulation 92 4.4.2 Simulations 93 4.5 Discussion and further reading 95 5 Security games with information limitations 98 5.1 Bayesian security games 99 5.1.1 Bayesian intrusion detection game 99 5.1.2 Bayesian games for wireless security 106 5.2 Security games with observation and decision errors 109 5.2.1 Game model and fictitious play 110 5.2.2 Fictitious play with observation errors 112 5.2.3 Fictitious play with decision errors 120

5.2.4 Time-invariant and adaptive fictitious play 5.3 Discussion and further reading Part III Decision making for network security 6 Security risk-management 6.1 Quantitative risk-management 6.1.1 Risk in networked systems and organizations 6.1.2 A probabilistic risk framework 6.1.3 Dynamic risk mitigation and control 6.2 Security investment games 6.2.1 Influence network and game model 6.2.2 Equilibrium and convergence analysis 6.2.3 Incentives and game design 6.3 Cooperative games for security risk-management 6.3.1 Coalitional game model 6.3.2 Coalition formation under ideal cooperation 6.4 Discussion and further reading 7 Resource allocation for security 7.1 An optimization approach to malware filtering 7.1.1 Traffic centrality measures 7.1.2 Filtering problem formulations 7.2 A robust control framework for security response 7.2.1 Network traffic filtering model 7.2.2 Derivation of optimal controller and state estimator 7.3 Optimal and robust epidemic response 7.3.1 Epidemic models 7.3.2 Feedback response for malware removal 7.3.3 Multiple networks 7.4 Discussion and further reading 8 Usability, trust, and privacy 8.1 Security and usability 8.1.1 A system for security alert dissemination 8.1.2 Effective administrator response 8.2 Digital trust in online communities 8.2.1 Community trust game 8.2.2 Dynamics and convergence 8.2.3 Numerical analysis 8.3 Location privacy in mobile networks 8.3.1 A locati on privacy model

x Contents 8.3.2 Location privacy games 213 8.4 Discussion and further reading 215 Part IV Security attack and intrusion detection 217 9 Machine learning for intrusion and anomaly detection 219 9.1 Intrusion and anomaly detection 220 9.1.1 Intrusion detection and prevention systems 221 9.1.2 Open problems and challenges 224 9.2 Machine learning for security: an overview 225 9.2.1 Overview of machine-learning methods 226 9.2.2 Open problems and challenges 228 9.3 Distributed machine learning 230 9.3.1 SVM classification and decomposition 231 9.3.2 Parallel update algorithms 232 9.3.3 Active set method and a numerical example 238 9.3.4 Behavioral malware detection for mobile devices 241 9.4 Discussion and further reading 243 10 Hypothesis testing for attack detection 244 10.1 Hypothesis testing and network security 245 10.2 An overview of hypothesis testing 246 10.2.1 Вayesian hypothesis testing 247 10.2.2 Minimax hypothesis testing 247 10.2.3 Neyman-Pearson hypothesis testing 249 10.2.4 Other hypothesis testing schemes 250 10.3 Decentralized hypothesis testing with correlated observations 255 10.3.1 Decentralized hypothesis testing 255 10.3.2 Decision rules at the sensors and at the fusion center 257 10.3.3 Decentralized Bayesian hypothesis testing 259 10.3.4 Decentralized Neyman-Pearson hypothesis testing 264 10.4 The majority vote versus the likelihood ratio test 268 10.5 An algorithm to compute the optimal thresholds 270 10.6 Discussion and further reading 273 A Optimization, game theory, and optimal and robust control 274 A.l Introduction to optimization 274 A. 1.1 Sets, spaces, and norms 274 A. 1.2 Functionals, continuity, and convexity 275 A. 1.3 Optimization of functionals 276 A.2 Introduction to noncooperative game theory 281 A.2.1 General formulation for noncooperative games and equilibrium solutions 282

Contents xi A.2.2 Existence of Nash and saddle-point equilibria in finite games 284 A.2.3 Existence and uniqueness of Nash and saddle-point equilibria in continuous-kernel (infinite) games 285 A.2.4 Online computation of Nash equilibrium policies 287 A.3 Introduction to optimal and robust control theory 288 A.3.1 Dynamic programming for discrete-time systems 289 A.3.2 Dynamic programming for continuous-time systems 291 A.3.3 The minimum principle 294 A.3.4 H -optimal control 296 References Index 302 312

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information