1 A Game Theoretic Approach for Active Defense
Peng Liu
Lab. for Info. and Sys. Security
University of Maryland, Baltimore County
Baltimore, MD 21250
OASIS, March 2002

2 Evolution of Defensive Computing Systems
Prevention - authentication, access control, inference control, information flows, encryption, keys, signatures, ...
Intrusion Detection - host-based, network-based, misuse detection, anomaly detection, ...
Survivability - assessment - repair - isolation - containment - replication - segmentation - masking - migration - quorums - voting - reconfiguration - ...
However, many existing defensive computing systems are passive!

3 Many IDS are passive
Static intrusion detection -- fixed IDS configuration
Adaptive intrusion detection -- reactive but not active
– adapting IDS configuration to the changing environment
– most successful when new attacks follow the same trend
Passive -- the defense lags behind the offense.

4 Many existing intrusion tolerant systems are passive
[Diagram labels: An intrusion tolerant system; Tuner; Environment; good accesses; attacks]
Reactive adaptations work well when the environment gradually changes following the same trend.
When the environment suddenly changes, the adaptation latency can be significant, during which the system is not stable and can perform very poorly.

5 ITDB is passive
[Diagram labels: Authorized but malicious transactions; Mediator & Damage Container; isolation; suspicious transactions; database; merge; Intrusion Detector; assess; repair; Repair manager; discard; alarms; trails; Tuner; alarms; malicious transactions]

6 Active Defense Systems
[Diagram labels: An intrusion tolerant system; Tuner; Environment; good accesses; An attacking system; battle]

7 A game theoretic approach for active defense
[Diagram labels: An intrusion tolerant system; Game; An attacking system; Player 1; time; Player 2; Attack strategy; Defense strategy; Payoff-2 (D, A); Payoff-1 (D, A); strategy space; strategy space]
The game should have multiple phases
The simplest case should be repeated games

8 A simple game
Rational players: maximum payoffs with minimum risks
Rational prediction -- Nash equilibrium -- (confess, confess)
– player 1’s predicted strategy is player 1’s best response to the predicted strategy of player 2, and vice versa
– no single player wants to deviate from his or her predicted strategy
                      Prisoner 2: Deny   Prisoner 2: Confess
Prisoner 1: Deny      -1, -1             -9, 0
Prisoner 1: Confess   0, -9              -6, -6
[Figure labels: high risk; Nash equilibrium]

9 A motivating example
[Diagram labels: Merchant; Acquiring Bank; Fraud Detection; Account information; Issuing Bank]
credit card transactions fraud detection
– a profile for each card (customer)
– distance (transaction, profile) indicates the anomaly
– raising several levels of alarms based on the distance using a set of thresholds
challenge -- how to
– minimize the fraud loss
– minimize the denial-of-service

10 Anomaly Detection System Specification

11 A game for active fraud defense (1)
Bayesian 2-player active defense game
[Diagram labels: Fraud Detection System; Customer; believes; Types: Good guy, Bad guy; Probability: θ, 1-θ; Payoff: u_good, u_bad]
$u_{ads} = (1-\theta)\,u_{ads,good} + \theta\,u_{ads,bad}$

12 A game for active fraud defense (2)
Assumption: the profile of each customer is simply specified by the transaction amount

13 Attack Prediction Game

14 A naïve approach
Assumption: the attacker knows Pi
The Nash Equilibrium is:
– when b=0
  the FDS’s strategy is: TH=0
  the good guy’s strategy is: amount=Pi
  the bad guy’s strategy is: amount=Pi
– when b>0 there is no (pure strategy) Nash equilibrium since the FDS wants to outguess the bad guy and vice versa
However, Pi is usually not completely known to the bad guy!

15 A probabilistic approach
Assumption: the attacker only knows a distribution of Pi, e.g., a normal distribution
The Nash Equilibrium (TH*, Ag*, Ab*) must satisfy:
here
However, when b is very small:
[Figure labels: 0, CL, Pi, Ab*, 2TH]

16 Adding more uncertainty
Motivation: in many cases, the FDS is uncertain about the attacker’s strategy
Assumption: the attacker’s strategy is randomly distributed over an attack window [X, X+B] where B is fixed
The results are:
[Figure labels: 0, CL, Pi, X, X+B]
Question: which X is best for the bad guy?

17 Preliminary results (1)

18 Preliminary results (2)

19 Preliminary results (3)

20 Preliminary results (4)

21 The impact on false alarm rate and detection rate
The false alarm rate is dependent on the behavior of the good guy
– If the good guy takes Nash strategies, the false alarm rate is 0
The detection rate can be predicted using the Nash Equilibrium
Since in many practical defense systems there is incomplete information to compute the Nash Equilibrium, the false alarm rate is usually not zero, and the detection rate can only be approximately predicted

22 Suggestions to card holders
Have multiple cards
Each card has converged usage

23 Broader Attack Prediction Applications
[Diagram labels: New types of attacks; Known types of attacks; Valuable games; Not valuable games; New attacks; Attack Space]

24 Example 1: new attacks
There is a game for each new attack, however,
– the attacker knows a lot about it but the defender knows very little
– the attacker knows a lot about the Nash equilibrium, but the defender does not know
– the attacker will not inform the defender what he or she knows
As a result, the attacker can exploit the nature of asymmetric information sharing to win more!
The defender can start to play the game only after the new attack happens

25 Example 2: code red
                     Web server: Patch   Web server: None
Attacker: Code Red   0, -1               10, -10
Attacker: None       0, -1               0, 0
[Figure label: Nash equilibrium]
                     Web server: Patch   Web server: None
Attacker: Code Red   -5, -1              5, -10
Attacker: None       0, -1               0, 0
[Figure labels: High probability of being captured; Low probability of being captured]
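
An added worked example (not part of the original presentation): a small solver that checks the payoff matrices on slides 8 and 25 for pure-strategy Nash equilibria and, where none exists, computes the fully mixed one. It assumes each cell reads (row player, column player), i.e. (Prisoner 1, Prisoner 2) and (attacker, web server); the names PRISONERS, CODE_RED_1, CODE_RED_2, pure_nash and mixed_nash are chosen here, and the mixed-strategy result is computed by this example, not stated on the slides.

```python
from fractions import Fraction as F

# Payoff cells copied from the slides as (row player, column player).
PRISONERS = [[(-1, -1), (-9, 0)],     # Prisoner 1 denies
             [(0, -9), (-6, -6)]]     # Prisoner 1 confesses
CODE_RED_1 = [[(0, -1), (10, -10)],   # attacker launches Code Red
              [(0, -1), (0, 0)]]      # attacker does nothing
CODE_RED_2 = [[(-5, -1), (5, -10)],   # second matrix on slide 25
              [(0, -1), (0, 0)]]      # columns: server patches / does not

def pure_nash(g):
    """Cells (row, col) where neither player gains by deviating alone."""
    eq = []
    for r in range(2):
        for c in range(2):
            row_ok = g[r][c][0] >= g[1 - r][c][0]   # row player's alternative
            col_ok = g[r][c][1] >= g[r][1 - c][1]   # column player's alternative
            if row_ok and col_ok:
                eq.append((r, c))
    return eq

def mixed_nash(g):
    """Fully mixed equilibrium (p, q) of a 2x2 game, or None if there is none.

    p = P(row player picks row 0), q = P(column player picks column 0).
    Each probability is set so that the *other* player is indifferent.
    """
    (a00, b00), (a01, b01) = g[0]
    (a10, b10), (a11, b11) = g[1]
    dp = (b00 - b01) - (b10 - b11)   # from column player's indifference
    dq = (a00 - a10) - (a01 - a11)   # from row player's indifference
    if dp == 0 or dq == 0:
        return None
    p, q = F(b11 - b10, dp), F(a11 - a01, dq)
    return (p, q) if 0 < p < 1 and 0 < q < 1 else None

if __name__ == "__main__":
    for name, g in [("prisoners", PRISONERS), ("code red 1", CODE_RED_1),
                    ("code red 2", CODE_RED_2)]:
        print(name, "pure:", pure_nash(g), "mixed:", mixed_nash(g))
```

For the second Code Red matrix there is no pure equilibrium: the predicted behaviour is an attacker who launches with probability 1/10 against a server that patches with probability 1/2, whereas the first matrix predicts (Code Red, Patch) outright.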

26 Potential impact
Nash equilibria are rational predictions for attacks
Nash equilibria can guide better defensive system design

27 Questions? Thank you!

