Modelling and Analysis of Network Security - a Probabilistic Value-passing CCS Approach

  • Qian ZhangEmail author
  • Ying Jiang
  • Liping Ding
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 9543)


In this work, we propose a probabilistic value-passing CCS (Calculus of Communicating System) approach to model and analyze a typical network security scenario with one attacker and one defender. By minimizing this model with respect to probabilistic bisimulation and abstracting it through graph-theoretic methods, two algorithms based on backward induction are designed to compute Nash Equilibrium strategy and Social Optimal strategy respectively. For each algorithm, the correctness is proved and an implementation is realized. Finally, this approach is illustrated by a detailed case study.


Network security Nash equilibrium strategy Social optimal strategy Reactive model Probabilistic value passing CCS 



This work has been partly funded by the French-Chinese project Locali (NSFC 61161130530 and ANR-11-IS02-0002) and by the Chinese National Basic Research Program (973) Grant No. 2014CB34030.


  1. 1.
    Diestel, R.: Graph Theory, 3rd edn. Springer-Verlag, New York (2005)zbMATHGoogle Scholar
  2. 2.
    van Glabbeek, R., Smolka, S.A., Steffen, B., Tofts, C.M.: Reactive, generative, and stratified models of probabilistic processes. Inf. Comput. 121(1), 59–80 (1995)MathSciNetCrossRefzbMATHGoogle Scholar
  3. 3.
    Harsanyi, J.C.: Games with incomplete information played by bayesian players, i-iii. Manage. Sci. 14(3), 159–182 (1967)MathSciNetCrossRefzbMATHGoogle Scholar
  4. 4.
    Jean Tirole, E.M.: Markov perfect equilibrium. J. Econ. Theor. (2001)Google Scholar
  5. 5.
    Jormakka, J., Molsa, J.: Modelling information warfare as a game. J. Inf. Warfare 4(2), 12–25 (2005)Google Scholar
  6. 6.
    Nguyen, K.C., Alpcan, T., Basar, T.: Stochastic games for security in networks with interdependent nodes. In: Proceedings of International Conference on Game Theory for Networks (2009)Google Scholar
  7. 7.
    Liang, X., Xiao, Y.: Game theory for network security. IEEE Commun. Surv. amp Tutorials 15(1), 472–486 (2013)CrossRefGoogle Scholar
  8. 8.
    Lye, K., Wing, J.: Game strategies in network security. In: Proceedings of the Foundations of Computer Security (2005)Google Scholar
  9. 9.
    Nguyen, K., Alpcan, T., Basar, T.: Stochastic games with incomplete information. In: Proceedings of IEEE International Conference on Communications (ICC) (2009)Google Scholar
  10. 10.
    Osborne, M.J., Rubinstein, A.: A Course in Game Theory. MIT Press, Cambridge (1994)zbMATHGoogle Scholar
  11. 11.
    Patcha, A., Park, J.: A game theoretic apporach to modeling intrusion detection in mobile ad hoc networks. In: Proceedings of the 2004 IEEE workshop on Information Assurance and Security (2004)Google Scholar
  12. 12.
    Roy, S., Ellis, C.: A survey of game theory as applied to network security. In: \(43^{rd}\) Hawaii International Conference on System Sciences (2010)Google Scholar
  13. 13.
    Sangiorgi, D.: An Introduction to Bisimulation and Coinduction. Springer (2007)Google Scholar
  14. 14.
    Shapley, L.: Stochastic Games. Princeton University Press, Princeton (1953)zbMATHGoogle Scholar
  15. 15.
    Syverson, P.: A different look at secure distributed computation. In: Proceedings 10th IEEE Computer Security Foundations Workshop (1997)Google Scholar
  16. 16.
    Wal, J.V.D.: Stochastic Dynamic Programming. Mathematical Centre Tracts 139. Morgan Kaufmann, Amsterdam (1981)zbMATHGoogle Scholar
  17. 17.
    Xiaolin, C., Xiaobin, T., Yong, Z., Hongsheng, X.: A markov game theory-based risk assessment model for network information systems. In: International Conference on Computer Science and Software Engineering (2008)Google Scholar

Copyright information

© Springer International Publishing Switzerland 2016

Authors and Affiliations

  1. 1.Institute of Software, Chinese Academy of SciencesBeijingChina
  2. 2.State Key Laboratory of Computer ScienceBeijingChina
  3. 3.National Engineering Research Center for Fundamental SoftwareBeijingChina

Personalised recommendations