
Optimizing Active Cyber Defense

  • Conference paper

Part of the book series: Lecture Notes in Computer Science (LNSC, volume 8252)

Abstract

Active cyber defense is one important defensive method for combating cyber attacks. Unlike traditional defensive methods such as firewall-based filtering and anti-malware tools, active cyber defense is based on spreading “white” or “benign” worms to combat the attackers’ malware (i.e., malicious worms), which also spreads over the network. In this paper, we initiate the study of optimal active cyber defense in the setting of strategic attackers and/or strategic defenders. Specifically, we investigate infinite-time horizon optimal control and fast optimal control for strategic defenders (who want to minimize their cost) against non-strategic attackers (who do not consider the issue of cost). We also investigate the Nash equilibria for strategic defenders and attackers. We discuss the cyber security meanings and implications of the theoretical results. Our study raises interesting open problems for future research.




© 2013 Springer International Publishing Switzerland

About this paper

Cite this paper

Lu, W., Xu, S., Yi, X. (2013). Optimizing Active Cyber Defense. In: Das, S.K., Nita-Rotaru, C., Kantarcioglu, M. (eds) Decision and Game Theory for Security. GameSec 2013. Lecture Notes in Computer Science, vol 8252. Springer, Cham. https://doi.org/10.1007/978-3-319-02786-9_13


  • DOI: https://doi.org/10.1007/978-3-319-02786-9_13

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-02785-2

  • Online ISBN: 978-3-319-02786-9

  • eBook Packages: Computer Science, Computer Science (R0)
