ebook img

Decision and Game Theory for Security: First International Conference, GameSec 2010, Berlin, Germany, November 22-23, 2010. Proceedings PDF

276 Pages·2010·3.82 MB·English
Save to my drive
Quick download
Download
Most books are stored in the elastic cloud where traffic is expensive. For this reason, we have a limit on daily download.

Preview Decision and Game Theory for Security: First International Conference, GameSec 2010, Berlin, Germany, November 22-23, 2010. Proceedings

Lecture Notes in Computer Science 6442 CommencedPublicationin1973 FoundingandFormerSeriesEditors: GerhardGoos,JurisHartmanis,andJanvanLeeuwen EditorialBoard DavidHutchison LancasterUniversity,UK TakeoKanade CarnegieMellonUniversity,Pittsburgh,PA,USA JosefKittler UniversityofSurrey,Guildford,UK JonM.Kleinberg CornellUniversity,Ithaca,NY,USA AlfredKobsa UniversityofCalifornia,Irvine,CA,USA FriedemannMattern ETHZurich,Switzerland JohnC.Mitchell StanfordUniversity,CA,USA MoniNaor WeizmannInstituteofScience,Rehovot,Israel OscarNierstrasz UniversityofBern,Switzerland C.PanduRangan IndianInstituteofTechnology,Madras,India BernhardSteffen TUDortmundUniversity,Germany MadhuSudan MicrosoftResearch,Cambridge,MA,USA DemetriTerzopoulos UniversityofCalifornia,LosAngeles,CA,USA DougTygar UniversityofCalifornia,Berkeley,CA,USA GerhardWeikum MaxPlanckInstituteforInformatics,Saarbruecken,Germany Tansu Alpcan Levente Buttyán John S. Baras (Eds.) Decision and Game Theory for Security First International Conference, GameSec 2010 Berlin, Germany, November 22-23, 2010 Proceedings 1 3 VolumeEditors TansuAlpcan TechnicalUniversity Berlin,Germany E-mail:[email protected] LeventeButtyán BudapestUniversityofTechnology andEconomics Budapest,Hungary E-mail:[email protected] JohnS.Baras UniversityofMaryland CollegePark,MD,USA E-mail:[email protected] LibraryofCongressControlNumber:Appliedfor CRSubjectClassification(1998):E.3,C.2.0,D.4.6,K.4.4,K.6.5,H.2.0 LNCSSublibrary:SL4–SecurityandCryptology ISSN 0302-9743 ISBN-10 3-642-17196-6SpringerBerlinHeidelbergNewYork ISBN-13 978-3-642-17196-3SpringerBerlinHeidelbergNewYork Thisworkissubjecttocopyright.Allrightsarereserved,whetherthewholeorpartofthematerialis concerned,specificallytherightsoftranslation,reprinting,re-useofillustrations,recitation,broadcasting, reproductiononmicrofilmsorinanyotherway,andstorageindatabanks.Duplicationofthispublication orpartsthereofispermittedonlyundertheprovisionsoftheGermanCopyrightLawofSeptember9,1965, initscurrentversion,andpermissionforusemustalwaysbeobtainedfromSpringer.Violationsareliable toprosecutionundertheGermanCopyrightLaw. springer.com ©Springer-VerlagBerlinHeidelberg2010 PrintedinGermany Typesetting:Camera-readybyauthor,dataconversionbyScientificPublishingServices,Chennai,India Printedonacid-freepaper 06/3180 Preface Securing complex and networkedsystems has become increasingly importantas these systems play an indispensable role in modern life at the turn of the in- formation age. Concurrently, security of ubiquitous communication, data, and computing poses novel research challenges. Security is a multi-faceted problem due to the complexity of underlying hardware, software, and network interde- pendencies as well as human and social factors. It involves decision making on multiple levels and multiple time scales, given the limited resourcesavailable to both malicious attackers and administrators defending networked systems. De- cisionandgametheoryprovidesarichsetofanalyticalmethodsandapproaches to address various resource allocation and decision-making problems arising in security. This edited volume contains the contributions presented at the inaugural Conference on Decision and Game Theory for Security - GameSec 2010. These 18 articles (12 full and 6 short papers) are thematically categorized into the following six sections: – “Security investments and planning” contains two articles, which present optimization methods for (security) investments when facing adversaries. – “Privacy and anonymity” has three articles discussing location privacy, on- line anonymity, and economic aspects of privacy. – “Adversarial and robust control” contains three articles, which investigate security and robustness aspects of control in networks. – “Networksecurityandbotnets”hasfourarticlesfocusingondefensivestrate- giesagainstbotnetsaswellasdetectionofmaliciousadversariesinnetworks. – “Authorizationandauthentication”hasanarticleonpasswordpracticesand another one presenting a game-theoretic authorization model. – “Theory and algorithms for security” contains four articles on various theo- retic and algorithmic aspects of security. Considering that decision making for security is still a research topic in its in- fancy,webelievethatthis edited volumeaswellasthe GameSec conferencewill be of interest to both researchers and students who work in this area and have diverse backgrounds. November 2010 Tansu Alpcan Levente Butty´an John Baras Organization GameSec 2010,the inaugural Conference on Decision and Game Theory for Se- curity, took place on the campus of Technical University of Berlin, Germany, during November22–23,2010.GameSec brings together researcherswho aimto establish a theoretical foundation for making resource allocation decisions that balance available capabilities and perceived security risks in a principled man- ner. The conference focuses on analytical models based on game, information, communication, optimization, decision, and control theories that are applied to diverse security topics. At the same time, the connection between theoretical models andreal-worldsecurityproblems areemphasizedto establishthe impor- tantfeedbackloopbetweentheoryandpractice.Giventhescarcityofvenuesfor researcherswho try to developa deeper theoreticalunderstanding of the under- lying incentive and resource allocation issues in security, GameSec aims to fill an important void and to serve as a distinguished forum. Steering Committee Tansu Alpcan Technical University of Berlin & T-Labs., Germany Nick Bambos Stanford University, USA Tamer Ba¸sar University of Illinois at Urbana-Champaign, USA Anthony Ephremides University of Maryland, USA Jean-Pierre Hubaux EPFL, Switzerland Program Committee General Chair Tansu Alpcan Technical University of Berlin/ T-Labs TPC Chairs John Baras University of Maryland Levente Butty´an Budapest University of Technology and Economics Publicity Chairs Albert Levi Sabanci University, Istanbul Zhu Han University of Houston Publication Chair Holger Boche Technology University of Berlin / HHI Finance Chair Slawomir Stanczak Technology University of Berlin / HHI VIII Organization Local Chair Jean-Pierre Seifert Technology Universityof Berlin / T-Labs Secretary Christine Kluge Technology University of Berlin / T-Labs Sponsoring Institutions Industry Sponsors Gold Sponsor: Deutsche Telekom Laboratories (T-Labs) Silver Sponsor: Fraunhofer Heinrich Hertz Institute (HHI) Technical Co-sponsors IEEE Control System Society International Society of Dynamic Games (ISDG) In-cooperationwithACMSpecial InterestGroup on Security,Audit andControl (SIGSAC) Co-sponsoredby the IEEE Multimedia Communication Technical Committee Technical Program Committee Imad Aad Nokia Research, Switzerland Eitan Altman INRIA, France Sonja Buchegger KTH, Sweden Mario Cagalj University of Split, Croatia Srdjan Capkun ETH Zurich, Switzerland Lin Chen University of Paris-Sud 11, France John Chuang UC Berkeley, USA Sajal K. Das University of Texas at Austin, USA Merouane Debbah Supelec, France Mark Felegyhazi ICSI-Berkeley, USA Jens Grossklags Princeton University, USA Are Hjorungnes University of Oslo, Norway Eduard A. Jorswieck Technical University Dresden, Germany Iordanis Koutsopoulos University of Thessaly, Greece Jean Leneutre Telecom ParisTech, France Xiang-Yang Li Illinois Institute of Technology, USA Li (Erran) Li Bell Labs., USA M. Hossein Manshaei EPFL, Switzerland Pietro Michiardi EURECOM, France John Mitchell Stanford University, USA Refik Molva EURECOM, France Pierre Moulin University of Illinois at UC, USA Ariel Orda Technion, Israel David C. Parkes Harvard University, USA George C. Polyzos AUEB, Greece Organization IX Radha Poovendran University of Washington, USA Svetlana Radosavac DoCoMo Labs., USA Walid Saad University of Oslo, Norway Yalin Sagduyu University of Maryland, USA Stefan Schmid Technical University of Berlin/T-Labs, Germany Mudhakar Srivatsa IBM Research, USA Slawomir Stanczak Technology University of Berlin/HHI, Germany Georgios Theodorakopoulos EPFL, Switzerland Amit Vasudevan Carnegie Mellon University, USA Jean Walrand UC Berkeley, USA Nan Zhang George Washington University, USA Table of Contents Security Investments and Planning Design of Network Topology in an Adversarial Environment........... 1 Assane Gueye, Jean C. Walrand, and Venkat Anantharam Optimal Information Security Investment with Penetration Testing..... 21 Rainer Bo¨hme and M´ark F´elegyha´zi Privacy and Anonymity Tracking Games in Mobile Networks................................ 38 Mathias Humbert, Mohammad Hossein Manshaei, Julien Freudiger, and Jean-Pierre Hubaux gPath: A Game-Theoretic Path Selection Algorithm to Protect Tor’s Anonymity...................................................... 58 Nan Zhang, Wei Yu, Xinwen Fu, and Sajal K. Das When Do Firms Invest in Privacy-PreservingTechnologies? ........... 72 Murat Kantarcioglu, Alain Bensoussan, and SingRu(Celine) Hoe Adversarial and Robust Control AdversarialControl in a Delay Tolerant Network..................... 87 Eitan Altman, Tamer Ba¸sar, and Veeraruna Kavitha Security Interdependencies for Networked Control Systems with Identical Agents ................................................. 107 Saurabh Amin, Galina A. Schwartz, and S. Shankar Sastry Robust Control in Sparse Mobile Ad-Hoc Networks .................. 123 Eitan Altman, Alireza Aram, Tamer Ba¸sar, Corinne Touati, and Saswati Sarkar Network Security and Botnets A Game-Theoretical Approach for Finding Optimal Strategies in a Botnet Defense Model ............................................ 135 Alain Bensoussan, Murat Kantarcioglu, and SingRu(Celine) Hoe ISPs and Ad Networks against Botnet Ad Fraud ..................... 149 Nevena Vratonjic, Mohammad Hossein Manshaei, Maxim Raya, and Jean-Pierre Hubaux XII Table of Contents A Localization Game in Wireless Sensor Networks ................... 168 Nicola Gatti, Mattia Monga, and Sabrina Sicari Effective Multimodel Anomaly Detection Using Cooperative Negotiation ..................................................... 180 Alberto Volpatto, Federico Maggi, and Stefano Zanero Authorization and Authentication The Password Game: Negative Externalities from Weak Password Practices........................................................ 192 S¨oren Preibusch and Joseph Bonneau Towards a Game Theoretic Authorisation Model..................... 208 Farzad Salim, Jason Reid, Uwe Dulleck, and Ed Dawson Theory and Algorithms for Security Disperse or Unite? A Mathematical Model of Coordinated Attack...... 220 Steve Alpern, Robbert Fokkink, Joram op den Kelder, and Tom Lidbetter Uncertainty in Interdependent Security Games....................... 234 Benjamin Johnson, Jens Grossklags, Nicolas Christin, and John Chuang Attack–Defense Trees and Two-Player Binary Zero-Sum Extensive Form Games Are Equivalent....................................... 245 Barbara Kordy, Sjouke Mauw, Matthijs Melissen, and Patrick Schweitzer Methods and Algorithms for Infinite Bayesian Stackelberg Security Games (Extended Abstract) ............................... 257 Christopher Kiekintveld, Janusz Marecki, and Milind Tambe Author Index.................................................. 267

Description:
Securing complex and networked systems has become increasingly important as these systems play an indispensable role in modern life at the turn of the - formation age. Concurrently, security of ubiquitous communication, data, and computing poses novel research challenges. Security is a multi-faceted
See more

The list of books you might like

Most books are stored in the elastic cloud where traffic is expensive. For this reason, we have a limit on daily download.