International Conference on Decision and Game Theory for Security

Decision and Game Theory for Security, pp. 228–249

Approximate Solutions for Attack Graph Games with Imperfect Information

  • Karel Durkota
  • Viliam Lisý
  • Branislav Bošanský
  • Christopher Kiekintveld
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 9406)

Abstract

We study the problem of network security hardening, in which a network administrator decides what security measures to use to best improve the security of the network. Specifically, we focus on deploying decoy services or hosts called honeypots. We model the problem as a general-sum extensive-form game with imperfect information and seek a solution in the form of a Stackelberg Equilibrium. The defender seeks the optimal randomized honeypot deployment in a specific computer network, while the attacker chooses the best response as a contingency attack policy from a library of possible attacks compactly represented by attack graphs. Computing an exact Stackelberg Equilibrium using standard mixed-integer linear programming has limited scalability in this game. We propose a set of approximate solution methods and analyze the trade-off between the computation time and the quality of the strategies calculated.


Copyright information

© Springer International Publishing Switzerland 2015

Authors and Affiliations

  • Karel Durkota (1)
  • Viliam Lisý (1, 2)
  • Branislav Bošanský (3)
  • Christopher Kiekintveld (4)

  1. Department of Computer Science, Agent Technology Center, Czech Technical University in Prague, Prague, Czech Republic
  2. Department of Computing Science, University of Alberta, Edmonton, Canada
  3. Department of Computer Science, Aarhus University, Aarhus, Denmark
  4. Computer Science Department, University of Texas at El Paso, El Paso, USA
