International Conference on Decision and Game Theory for Security

Decision and Game Theory for Security pp 228-249

Approximate Solutions for Attack Graph Games with Imperfect Information

  • Karel Durkota
  • Viliam Lisý
  • Branislav Bošanský
  • Christopher Kiekintveld
Conference paper

DOI: 10.1007/978-3-319-25594-1_13

Part of the Lecture Notes in Computer Science book series (LNCS, volume 9406)
Cite this paper as:
Durkota K., Lisý V., Bošanský B., Kiekintveld C. (2015) Approximate Solutions for Attack Graph Games with Imperfect Information. In: Khouzani M., Panaousis E., Theodorakopoulos G. (eds) Decision and Game Theory for Security. Lecture Notes in Computer Science, vol 9406. Springer, Cham

Abstract

We study the problem of network security hardening, in which a network administrator decides what security measures to use to best improve the security of the network. Specifically, we focus on deploying decoy services or hosts called honeypots. We model the problem as a general-sum extensive-form game with imperfect information and seek a solution in the form of Stackelberg Equilibrium. The defender seeks the optimal randomized honeypot deployment in a specific computer network, while the attacker chooses the best response as a contingency attack policy from a library of possible attacks compactly represented by attack graphs. Computing an exact Stackelberg Equilibrium using standard mixed-integer linear programming has a limited scalability in this game. We propose a set of approximate solution methods and analyze the trade-off between the computation time and the quality of the strategies calculated.

Copyright information

© Springer International Publishing Switzerland 2015

Authors and Affiliations

  • Karel Durkota
    • 1
  • Viliam Lisý
    • 1
    • 2
  • Branislav Bošanský
    • 3
  • Christopher Kiekintveld
    • 4
  1. 1.Department of Computer Science, Agent Technology CenterCzech Technical University in PraguePragueCzech Republic
  2. 2.Department of Computing ScienceUniversity of AlbertaEdmontonCanada
  3. 3.Department of Computer ScienceAarhus UniversityAarhusDenmark
  4. 4.Computer Science DepartmentUniversity of Texas at El PasoEl PasoUSA

Personalised recommendations