Stochastic Game Theoretic Method of Quantification for Network Situational Awareness
Stochastic Game Theoretic Method of Quantification for Network Situational Awareness

H. Wang, Y. Liang, and X.Liu, Stochastic Game Theoretic Method of Quantification for Network Situational Awareness, 2008 International Conference on Internet Computing in Science and Engineering, DOI 10.1109/ICICSE.2008.55

Abstract

“Stochastic game theory is proposed to apply to the research on network situational awareness (NSA),and then a novel quantification method of NSA based on analysis of network service states is proposed. In this paper, network offense-defense game model including both the attacker and the defender in it is constructed; and game mathematical modeling of network situation is realized; the payoff of the both sides in the game is quantified according to the specific application, and the game situations is obtained by analyzing network service state. Finally, simulation experiments are done to validate the Nash equilibrium’s existing, at which point both of the sides get a balance between their payoffs and by which the current stable network security state is reflected, finally the quantification of NSA is achieved.”

Introduction

“The Internet and web technologies have provided great facilities in accessing information and communicating for people who use it. However, the ease of use has fostered lots of problems of network security. Now the hostile attacks are more and more complicated, distributed and profit-motivated, how to secure the network system has become the research focus in network technologies and also a key problem needed to be settled facing by people.”

“The existing network security means can only detect part of the intrusion behavior but can not deal with the distributed and complicated attacks, and the influence of attacks on network security can not be reflected intuitively.”

“Network security technology is asked to step into a new age. In 2000, Tim Bass first proposed the concept of cyberspace situational awareness [1] and established the functional framework of NSA, aiming to solve the existed network problems, which set the foundations for later research on NSA.”

Conclusions

“Network situational awareness is the promising direction of network security technology. In this paper, stochastic game theoretic is introduced to the research on NSA, the idea of analysis of network services is adopted to quantify NSA. However, the research is just underway, there exists some shortcomings, i.e. the network service full state space can be extremely large, but we focus on only a small subset of states that can be easily observed in attack scenarios. Also, the state transition probabilities need to be deduced more reasonably. In the future, we wish to develop a systematic method for decomposing large models into smaller subsystem, solve the state combination problem, and finally realize the real NSA in large scale network.”


Full text of this research paper here.