tailieunhanh - Game strategies in network security

The security architecture should be developed by both the network design and the IT security teams. It is typically integrated into the existing enterprise network and is dependent on the IT services that are offered through the network infrastructure. The access and security requirements of each IT service should be defined before the network is divided into modules with clearly identified trust levels. Each module can be treated separately and assigned a different security model. The goal is to have layers of security so that a “successful” intruder’s access is constrained to a limited part of the network. Just as the bulkhead design in a. | Int J Inf Secur 2005 Digital Object Identifier DOI s10207-004-0060-x Game strategies in network security Kong-wei Lye1 Jeannette M. Wing2 1 Department of Electrical and Computer Engineering e-mail kwlye@ 2 Computer Science Department Carnegie Mellon University 5000 Forbes Avenue Pittsburgh PA 15213-3890 USA e-mail wing@ Published online 3 February 2005 - Springer-Verlag 2005 Abstract. This paper presents a game-theoretic method for analyzing the security of computer networks. We view the interactions between an attacker and the administrator as a two-player stochastic game and construct a model for the game. Using a nonlinear program we compute Nash equilibria or best-response strategies for the players attacker and administrator . We then explain why the strategies are realistic and how administrators can use these results to enhance the security of their network. Keywords Stochastic games - Nonlinear programming - Network security 1 Introduction Government agencies banks retailers schools and a growing number of goods and service providers today all use the Internet as an integral way of conducting their daily business. Individuals good or bad can also easily connect to the Internet. Due to the ubiquity of the Internet computer security has now become more important than ever to organizations such as governments banks businesses and universities. Security specialists have long been interested in knowing what an intruder can do to a computer network and what can be done to prevent or counteract attacks. In this paper we describe how game theory can be used to find strategies for both an attacker and the administrator. We consider the interactions between them as a general-sum stochastic game. Example case study To create an example for our case study we interviewed one of our university network managers and put together the basis for several attack scenarios. We identified the types of attack actions involved estimated the likelihood .