NIST logo

Publication Citation: A Game-Theoretic Framework for Network Security Vulnerability Assessment and Mitigation

NIST Authors in Bold

Author(s): Assane Gueye; Vladimir V. Marbukh;
Title: A Game-Theoretic Framework for Network Security Vulnerability Assessment and Mitigation
Published: November 05, 2012
Abstract: In this paper we propose and discuss a game-theoretic framework for (a) evaluating security vulnerability, (b) quantifying the corresponding Pareto optimal vulnerability/cost tradeo®, and (c) identifying the optimal operating point on this Pareto optimal frontier. We discuss our framework in the context of a °ow-level model of Supply-Demand (S-D) network where we assume a sophisticated attacker attempting to disrupt the network °ow. The vulnerability metric is determined by the Nash equilibrium payoff of the corresponding game. The vulnerability/cost tradeoff is derived by assuming that the "network" can reduce the security vulnerability at the cost of using more expensive flows and the optimal operating point is determined by the "network" preferences with respect to vulnerability and cost. We illustrate the proposed framework on examples through numerical investigations.
Conference: GameSec
Proceedings: GameSec 2012, the third Conference on Decision and Game Theory for Security
Location: Budapest, -1
Dates: November 5-6, 2012
Keywords: Network Security Vulnerability; Network Security Cost; Vulnerability/Cost Tradeoff; Game Theoretic Model
Research Areas: Threats & Vulnerabilities, Cybersecurity, Networking
PDF version: PDF Document Click here to retrieve PDF version of paper (235KB)