상세정보
Export to Refworks부가기능
Game Theoretic Models and Behavioral Study for Cybersecurity
상세 프로파일
| 자료유형 | 학위논문 |
|---|---|
| 서명/저자사항 | Game Theoretic Models and Behavioral Study for Cybersecurity. |
| 개인저자 | Feng, Xiaotao. |
| 단체저자명 | University of California, Davis. Electrical and Computer Engineering. |
| 발행사항 | [S.l.]: University of California, Davis., 2019. |
| 발행사항 | Ann Arbor: ProQuest Dissertations & Theses, 2019. |
| 형태사항 | 112 p. |
| 기본자료 저록 | Dissertations Abstracts International 81-02B. Dissertation Abstract International |
| ISBN | 9781085590167 |
| 학위논문주기 | Thesis (Ph.D.)--University of California, Davis, 2019. |
| 일반주기 |
Source: Dissertations Abstracts International, Volume: 81-02, Section: B.
Advisor: Mohapatra, Prasant. |
| 이용제한사항 | This item must not be sold to any third party vendors. |
| 요약 | An important challenge in cybersecurity is to develop a rigorous understanding of Advanced Persistent Threats (APT), an emerging attacking paradigm that cannot be efficiently stopped using traditional cyber-defense techniques. These attacks are highly motivated and persistent and they often operate in a stealth way to avoid detection. Due to the incentive nature of the advanced attacker, game theory is a proper tool to reason about the strategic behavior for each participant. In this dissertation, we propose several novel models to analyze the interplay among the participants and present different ways for the defender to hold a more secure system.We start from considering a three-player game model by introducing a third party player, the insider, who can trade inside information to the attacker for a profit and in the mean time effect the attacker's efficiency, e.g., attacking cost, uncertainty about the system. According to either the defender is observable to the attacker, we firstly propose a symmetric model and then extend it to an asymmetric version due to different feedback structures. We characterize the subgame perfect equilibria of the game with the defender as the leader and the attacker and the insider as the followers, under two different information trading processes. We derive various insights from the game models, and discuss approaches for achieving more efficient defense in the face of both a stealthy attacker and an insider with double roles.Recognizing the traditional defense techniques that adopt a passive and static approach is insufficient in the face of APT, we further propose a Stackelberg game model for Moving Target Defense (MTD) against the advanced attacker where the defender periodically switches the state of an abstract resource to make it difficult for the attacker to identify the real configurations combination of the resource. Although various information feedback structures are allowed in our model, we mainly consider a worst-case from the defender's perspective where the attacker has strong power to know the previous configurations used by the defender. This assumption is especially reasonable in the context of APT. By formulating the defender's problem on optimizing the switch strategy as a Markov Decision Process (MDP), we prove that the optimal strategy has a simple structure and derive an efficient value iteration algorithm to solve the MDP.We further study the case where the action spaces of both the defender and the attacker can be modeled as a directed graph. When the graph is regular, we solve the optimal strategy in an explicit way and derive various insights about how the degree, graph size and switching cost affecting the strategy. These observations are further verified on random graphs empirically.Finally, we go one step beyond and show that MTD can be further improved when combined with information disclosure. We show that the defender may design a signaling scheme to exploit the uncertainty created by MTD to further affect the attacker's behavior for its own advantage. We obtain conditions under which signaling is useful, and show that strategic information disclosure can be a promising way to further reverse the information asymmetry and achieve more efficient active defense. |
| 일반주제명 | Computer science. |
| 언어 | 영어 |
| 바로가기 | 
: 이 자료의 원문은 한국교육학술정보원에서 제공합니다. |
