Abstract
Security-sensitive computerised communication systems are of increasing importance; however, checking that they function correctly can be non-trivial. We propose automated verification techniques for the formal analysis of quantitative properties of such systems. Since communication networks typically require the collaboration of their participants to work effectively, we adopt a game-theoretic approach. Utility functions for each player, such as the degree of security offered and the communication costs incurred, are formally specified using quantitative temporal logics. Then, building upon probabilistic verification techniques for parametric Markov chains, we develop methods to identify Nash equilibria representing stable strategies for the participants. We implement our methods as an extension of the PRISM model checker, and illustrate their applicability by studying anonymity-cost trade-offs in the Crowds anonymity protocol.
The author thanks David Parker for many suggestions, help and insightful discussions. This work is supported in part by EPSRC (EP/K038575/1), and was partially performed when the author was at the University of Birmingham.
Appendices
Appendix A: Sensitivity Study of the Reward Structures
Appendix B: The PRISM Model of Crowds Protocol
(1) Cost structures for honest players \(i=1,2\): player 1 is assigned a cost of 1 for every transition labelled ‘\(s_1\)’ and a cost of 2 for every transition labelled ‘\(r_1\)’; player 2 is assigned a cost of 2 for every transition labelled ‘\(s_2\)’ and a cost of 3 for every transition labelled ‘\(r_2\)’.
(2) Property specification for honest players: the utility function of player \(i\) is defined as the probability of good behaviours/costs. We say a run is good if it reaches the destination without violating the anonymity properties.
© 2019 Springer Nature Switzerland AG
Cite this paper
Mu, C. (2019). Automated Game-Theoretic Verification of Security Systems. In: Parker, D., Wolf, V. (eds) Quantitative Evaluation of Systems. QEST 2019. Lecture Notes in Computer Science, vol 11785. Springer, Cham. https://doi.org/10.1007/978-3-030-30281-8_14
DOI: https://doi.org/10.1007/978-3-030-30281-8_14
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-30280-1
Online ISBN: 978-3-030-30281-8
eBook Packages: Computer Science, Computer Science (R0)