Dynamic Network Security Deployment under Partial Information George Theodorakopoulos (EPFL) John S. Baras (UMD) Jean-Yves Le Boudec (EPFL) September 24, 2008 2008 Allerton Conference

1

Security Products: Deploy or Not ? „

„ „

„

Network users decide to start and continue to use security products based on economic considerations Costs are rather perceived vs real Costs depend on information available to users at each decision time Costs depend on decisions of other users – a user’s likelihood to get infected depends on the security level employed by other users 2

Approach: Overview „

„

„ „

„

Combine malware spreading dynamics with a game theoretic approach (deploy security or not) Users can change decisions dynamically to maximize their perceived utility Results in an Evolutionary Game with Learning Find and characterize equilibrium points – dependence on speed of learning ‘network state’ Evolutionary Equilibria (EE) 3

Scenario „ „ „

„

Network with N users Total contact rate βN , β>0, ind. of N A pair makes (2 β/ (N-1)) contacts per unit time A user can be in one of 3 states: „ „ „

„

Susceptible (S ) Infected (I ) Protected (P )

S, I, P, percentages -- S + I + P =1 4

Scenario … „

„

„

„

Worm propagates in the network and infects susceptible users Infection lasts a random time -- exp. with parameter δ An infected user infects other susceptible users he contacts After infection is over user becomes protected 5

Scenario … „

Non-infected users ( S or P ) can decide to stay in their current state or switch to the other state „

„

Decide whether and for how long to install protection

Decision depends on „ „

„ „

Cost of protection cP > 0 Risk of getting infected; function of infection cost cI > cP > 0, and of percentage of infected users I (t ) Need to learn ( ‘estimate’ ) I (t ) I (t ) changes 6

Game Formulation

„ „ „ „ „

Two types of players: Type 1 and Type 2 Type 1 is non-infected Type 2 is infected Players matched at random Probability { Type 1 player will meet a Type 2 player} = I 7

Game Formulation … „

Type 1 player vs Type 1 player game

S S P

(0, 0)

P (0, -cP)

(-cP , 0) (-cP , -cP )

8

Game Formulation … „

Type 1 player vs Type 2 player game (omit payoffs of Type 2 players)

I S P

(-cI , --) (-cP , --) 9

Game Theoretic Behavior „

User ‘pays’ „ „

„

Threshold I*= (cP /cI ) „

„

„

cP when installing protection cI when getting infected ( 0 < cP < cI )

When I (t ) (fraction of Infected) exceeds I* then: Best Response Æ S becomes P Otherwise: Best Response Æ P becomes S

So: Learning the value of I (t ) is crucial 10

Learning „ „

„

„

„

How do S and P users learn the value of I (t ) ? Central monitor (e.g., base station) knows instantly I (t ) Each user contacts the monitor at rate γ and learns I (t ) Users do not know the exact value of I (t ) at all times Field observations: users chose randomly between two alternatives – choice becomes more deterministic when utility differences larger

11

Smoothed Best Response „

„

„

Psychology research: When choosing between two similar alternatives, users randomize If the expected costs of infection and protection are close enough (I (t ) close to the threshold I*), users randomize pSP (I ): probability of SÆP switch, when learning that I (t ) =I pPS (I ): similarly for PÆS switch 12

Smoothed Best Response

„

„

pSP (I ): piecewise

linear sigmoid For ε→ 0 becomes pure best response

Switching probability pSP (I)

1



0

I∗ − 0

 2

I∗ +

 2

I∗ Fraction I of infected users

1 13

Epidemic Worm Propagation „

SIP model (similar to the classical SIR)

„

Parameters „ „

„

S, I, P : fraction of Susceptible, Infected, Protected β : rate of contacts per node (classical: per pair)

δ : rate of disinfection (equivalently, the duration of 14 the infection is ~ Exp(δ ))

Complete Model „

Users can switch between S and P, and also learn I at rate γ ƒ An evolutionary game on the simplex in \3 ƒ A switching dynamical system on the simplex in \3 ƒ Strong connections to ‘replicator dynamics’ Lie-algebraic conditions for equilibria, stability, periodic solutions 15

Results „

Equilibrium points and stability „

Point „ „

„

Exists always Stable when

The condition ,, so

means that exponentially in

ƒ Nothing to worry about in this case:

Some users go from S to I to P, then I goes to zero, and all the P switch to S (zero cost!)

16

Results … „

Point „ „ „ „ „

„

Exists when and Stable whenever it exists S= is independent of For , I increases, and P decreases If users learn fast that I (t ) < I*, they switch from P to S, and then get infected User selfishness increases total network cost ( ) 17

Results … „

Point „ „ „

„ „

Exists when and Stable whenever it exists : smaller solution of

Always: So, is a tight upper bound for I 18

Conclusions „

Socially optimal strategy: „

„

“All users become P at the first sign of infection, and then switch to S when the infected have all become disinfected.”

But not individually rational! „

Protection costs, and users prefer to risk a large loss (infection) rather than accept a small certain loss (protection). 19

Conclusion

„

Telling users the true state of the network increases the total network cost. We can show:

„

Optimal for the operator:

„

Dynamic security deployment under partial information

Sep 24, 2008 - Dynamic Network Security. Deployment ... maximize their perceived utility. ▫ Results in an ... dependence on speed of learning 'network state'.

118KB Sizes 0 Downloads 191 Views

Recommend Documents

Dynamic Partial Reconfiguration
Nov 1, 2004 - Xilinx software that appeared in the version 6.3 SP3. I found two ways of solving this problem : (1) uninstall SP3 or (2) use FPGA editor.

Wyoming School Security Fund Deployment - Aug 2015 ...
Wyoming School Security Fund Deployment - Aug 2015 Presentation.pdf. Wyoming School Security Fund Deployment - Aug 2015 Presentation.pdf. Open.

Dynamic economic equilibrium under redistribution
taxes remain at their upper bound forever. This result makes it clear that optimal taxes preferred by the median voter are aimed not at equalizing the wealth distribution but at high transfers and high consumption, since high constant taxes leave the

School Choice: Student Exchange under Partial Fairness
‡Department of Economics, Massachusetts Institute of Technology. ..... Step k > 1: Each student rejected in Step k −1 applies to her next best school. .... 7The students actually reveal two pieces of information simultaneously: their preferences 

Dynamic Strategic Information Transmission - NYU
Sep 16, 2011 - Keywords: asymmetric information; cheap talk; dynamic strategic .... informed party sends cheap messageslthe uniformed party chooses ...

Partial Realization in Dynamic Justification Logic
The effect of a public announcement of statement A is represented by a formula ... membership card, which can also be attached to their luggage to make public.

Extended Partial Distance Elimination and Dynamic ...
Along with language model search- ing, likelihood computation is so time consuming that most of ... the nearest neighbour approximation (PDE) and VQ-based. Gaussian selection. In section 3, we present our new .... likelihood of a GMM S with the likel

Dynamic Strategic Information Transmission - NYU
Sep 16, 2011 - Keywords: asymmetric information; cheap talk; dynamic strategic ... Skreta: NYU, Stern School of Business; Tsyvinski: Yale and NES; Wilson: NYU. ...... In the second line, the limit is clearly decreasing in y (noting that ф ) B 2.

Information Security and Acceptable Use Security Policy.pdf ...
There was a problem previewing this document. Retrying... Download. Connect more apps... Try one of the apps below to open or edit this item. Information ...

lobbying under asymmetric information
home firm can convey this information to the policymaker via costly lobbying. ... This is the system that we have. I didn't .... 6 We use Brander-Spencer (1985) framework since its the simplest best-known model in trade. ..... costs as expenses like

Competitive Screening under Heterogeneous Information
equilibrium outcome under duopoly often lies between the monopoly and the perfectly competitive outcome, and that (ii) when .... competitive outcomes.10 Frictions in our model have a different nature (they are informational). Faig and Jerez (2005) ..

Competitive Screening under Heterogeneous Information
of sales. Firms then have to design their menu of products accounting for consumers' choices of which firm to ..... the best offer available), expected sales to each type k depend on the rank Fk(uk) of the indirect ..... value for quality in televisi

under conditions of limited information
of location; as regional economies in developing countries are very open, ... input-output accounts, one that has been rarely implemented given the .... Banking and Finance. 9. ... development of a Wales-Rest of the U.K. interregional table.

Dynamic Contracting under Adverse Selection and ...
Jan 30, 2017 - Caltech, EPGE#FGV, FGV#SP, Insper, PUC#Rio, TSE, Yale and Washington University at Saint Louis. Any remaining errors are mine.