Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

A Game-Theoretic Framework for Network Security Vulnerability Assessment and Mitigation

Published

Author(s)

Assane Gueye, Vladimir V. Marbukh

Abstract

In this paper we propose and discuss a game-theoretic framework for (a) evaluating security vulnerability, (b) quantifying the corresponding Pareto optimal vulnerability/cost tradeo®, and (c) identifying the optimal operating point on this Pareto optimal frontier. We discuss our framework in the context of a °ow-level model of Supply-Demand (S-D) network where we assume a sophisticated attacker attempting to disrupt the network °ow. The vulnerability metric is determined by the Nash equilibrium payoff of the corresponding game. The vulnerability/cost tradeoff is derived by assuming that the "network" can reduce the security vulnerability at the cost of using more expensive flows and the optimal operating point is determined by the "network" preferences with respect to vulnerability and cost. We illustrate the proposed framework on examples through numerical investigations.
Proceedings Title
GameSec 2012, the third Conference on Decision and Game Theory for Security
Conference Dates
November 5-6, 2012
Conference Location
Budapest
Conference Title
GameSec

Keywords

Network Security Vulnerability, Network Security Cost, Vulnerability/Cost Tradeoff, Game Theoretic Model

Citation

Gueye, A. and Marbukh, V. (2012), A Game-Theoretic Framework for Network Security Vulnerability Assessment and Mitigation, GameSec 2012, the third Conference on Decision and Game Theory for Security, Budapest, -1, [online], https://tsapps.nist.gov/publication/get_pdf.cfm?pub_id=912263 (Accessed December 11, 2024)

Issues

If you have any questions about this publication or are having problems accessing it, please contact reflib@nist.gov.

Created November 5, 2012, Updated May 4, 2021