اشترك بالحزمة الذهبية واحصل على وصول غير محدود شمرا أكاديميا
تسجيل مستخدم جديدSingle Controller Stochastic Games for Optimized Moving Target Defense
80
0
0.0
(
0
)
نشر من قبل
AbdelRahman Eldosouky
تاريخ النشر
2016
مجال البحث
الهندسة المعلوماتية
والبحث باللغة
English
اسأل ChatGPT حول البحث
ﻻ يوجد ملخص باللغة العربية
Moving target defense (MTD) techniques that enable a system to randomize its configuration to thwart prospective attacks are an effective security solution for tomorrows wireless networks. However, there is a lack of analytical techniques that enable one to quantify the benefits and tradeoffs of MTDs. In this paper, a novel approach for implementing MTD techniques that can be used to randomize cryptographic techniques and keys in wireless networks is proposed. In particular, the problem is formulated as a stochastic game in which a base station (BS), acting as a defender seeks to strategically change its cryptographic techniques and keys in an effort to deter an attacker that is trying to eavesdrop on the data. The game is shown to exhibit a single-controller property in which only one player, the defender, controls the state of the game. For this game, the existence and properties of the Nash equilibrium are studied, in the presence of a defense cost for using MTD. Then, a practical algorithm for deriving the equilibrium MTD strategies is derived. Simulation results show that the proposed game-theoretic MTD framework can significantly improve the overall utility of the defender, while enabling effective randomization over cryptographic techniques.
قيم البحث
اقرأ أيضاً
Two intimately related new classes of games are introduced and studied: entropy games (EGs) and matrix multiplication games (MMGs). An EG is played on a finite arena by two-and-a-half players: Despot, Tribune and the non-deterministic People. Despot
wants to make the set of possible Peoples behaviors as small as possible, while Tribune wants to make it as large as possible.An MMG is played by two players that alternately write matrices from some predefined finite sets. One wants to maximize the growth rate of the product, and the other to minimize it. We show that in general MMGs are undecidable in quite a strong sense.On the positive side, EGs correspond to a subclass of MMGs, and we prove that such MMGs and EGs are determined, and that the optimal strategies are simple. The complexity of solving such games is in NP&coNP.
Reactive defense mechanisms, such as intrusion detection systems, have made significant efforts to secure a system or network for the last several decades. However, the nature of reactive security mechanisms has limitations because potential attacker
s cannot be prevented in advance. We are facing a reality with the proliferation of persistent, advanced, intelligent attacks while defenders are often way behind attackers in taking appropriate actions to thwart potential attackers. The concept of moving target defense (MTD) has emerged as a proactive defense mechanism aiming to prevent attacks. In this work, we conducted a comprehensive, in-depth survey to discuss the following aspects of MTD: key roles, design principles, classifications, common attacks, key methodologies, important algorithms, metrics, evaluation methods, and application domains. We discuss the pros and cons of all aspects of MTD surveyed in this work. Lastly, we highlight insights and lessons learned from this study and suggest future work directions. The aim of this paper is to provide the overall trends of MTD research in terms of critical aspects of defense systems for researchers who seek for developing proactive, adaptive MTD mechanisms.
Services on the public Internet are frequently scanned, then subject to brute-force and denial-of-service attacks. We would like to run such services stealthily, available to friends but hidden from adversaries. In this work, we propose a moving targ
et defense named Chhoyhopper that utilizes the vast IPv6 address space to conceal publicly available services. The client and server to hop to different IPv6 addresses in a pattern based on a shared, pre-distributed secret and the time-of-day. By hopping over a /64 prefix, services cannot be found by active scanners, and passively observed information is useless after two minutes. We demonstrate our system with SSH, and show that it can be extended to other applications.
Simple stochastic games are turn-based 2.5-player zero-sum graph games with a reachability objective. The problem is to compute the winning probability as well as the optimal strategies of both players. In this paper, we compare the three known class
es of algorithms -- value iteration, strategy iteration and quadratic programming -- both theoretically and practically. Further, we suggest several improvements for all algorithms, including the first approach based on quadratic programming that avoids transforming the stochastic game to a stopping one. Our extensive experiments show that these improvements can lead to significant speed-ups. We implemented all algorithms in PRISM-games 3.0, thereby providing the first implementation of quadratic programming for solving simple stochastic games.
We study a stochastic game where one player tries to find a strategy such that the state process reaches a target of controlled-loss-type, no matter which action is chosen by the other player. We provide, in a general setup, a relaxed geometric dynam
ic programming principle for this problem and derive, for the case of a controlled SDE, the corresponding dynamic programming equation in the sense of viscosity solutions. As an example, we consider a problem of partial hedging under Knightian uncertainty.
سجل دخول لتتمكن من نشر تعليقات
التعليقات
جاري جلب التعليقات
سجل دخول لتتمكن من متابعة معايير البحث التي قمت باختيارها
