Game-theoretic resource allocation for malicious packet detection in computer networks

Authors:
Ondřej Vaněk;Zhengyu Yin;Manish Jain;Branislav Bošanský;Milind Tambe;Michal Pěchouček
Affiliations:
Czech Technical University, Prague. Czech Republic;University of Southern California, Los Angeles, CA;University of Southern California, Los Angeles, CA;Czech Technical University, Prague. Czech Republic;University of Southern California, Los Angeles, CA;Czech Technical University, Prague. Czech Republic
Venue:
Proceedings of the 11th International Conference on Autonomous Agents and Multiagent Systems - Volume 2
Year:
2012

Citing 15
Cited 2

Bro: a system for detecting network intruders in real-time

Computer Networks: The International Journal of Computer and Telecommunications Networking
The NEOS Server

IEEE Computational Science & Engineering
Computing the optimal strategy to commit to

EC '06 Proceedings of the 7th ACM conference on Electronic commerce
Optimal approximation for the submodular welfare problem in the value oracle model

STOC '08 Proceedings of the fortieth annual ACM symposium on Theory of computing
Game theoretic models for detecting network intrusions

Computer Communications
Playing games for security: an efficient exact algorithm for solving Bayesian Stackelberg games

Proceedings of the 7th international joint conference on Autonomous agents and multiagent systems - Volume 2
Near-optimal observation selection using submodular functions

AAAI'07 Proceedings of the 22nd national conference on Artificial intelligence - Volume 2
A game theoretical framework on intrusion detection in heterogeneous networks

IEEE Transactions on Information Forensics and Security
Multi-step multi-sensor hider-seeker games

IJCAI'09 Proceedings of the 21st international jont conference on Artifical intelligence
Software Assistants for Randomized Patrol Planning for the LAX Airport Police and the Federal Air Marshal Service

Interfaces
Network Security: A Decision and Game-Theoretic Approach

Network Security: A Decision and Game-Theoretic Approach
GUARDS: game theoretic security allocation on a national scale

The 10th International Conference on Autonomous Agents and Multiagent Systems - Volume 1
A double oracle algorithm for zero-sum security games on graphs

The 10th International Conference on Autonomous Agents and Multiagent Systems - Volume 1
Security games with multiple attacker resources

IJCAI'11 Proceedings of the Twenty-Second international joint conference on Artificial Intelligence - Volume Volume One
Randomized sensing in adversarial environments

IJCAI'11 Proceedings of the Twenty-Second international joint conference on Artificial Intelligence - Volume Volume Three

Game theory for security: an important challenge for multiagent systems

EUMAS'11 Proceedings of the 9th European conference on Multi-Agent Systems
Security scheduling for real-world networks

Proceedings of the 2013 international conference on Autonomous agents and multi-agent systems

Quantified Score

Hi-index	0.00

Visualization

Abstract

We study the problem of optimal resource allocation for packet selection and inspection to detect potential threats in large computer networks with multiple computers of differing importance. An attacker tries to harm these targets by sending malicious packets from multiple entry points of the network; the defender thus needs to optimally allocate her resources to maximize the probability of malicious packet detection under network latency constraints. We formulate the problem as a graph-based security game with multiple resources of heterogeneous capabilities and propose a mathematical program for finding optimal solutions. We also propose Grande, a novel polynomial time algorithm that uses an approximated utility function to circumvent the limited scalability caused by the attacker's large strategy space and the non-linearity of the aforementioned mathematical program. Grande computes solutions with bounded error and scales up to problems of realistic sizes.