( la Shannon) A multi-channel extension A multi-channel extension u - - PowerPoint PPT Presentation

SLIDE 1

Game Theoretic Approach to Information Security

TAMER BAȘAR

ECE, CAS, CSL, ITI, and MechSE, UIUC

basar1@illinois.edu SaTC Workshop

University of Wisconsin, Madison

June 15-17, 2016

SaTC - 15 June 2016

OUTLINE!

• Fundamental problem in information

transmission / communication

• Intervention by adversary(ies)
• Role of game theory
• Some classes of information security

games and their solutions

• Other settings of adversarial

intervention

• Conclusions / References

SaTC - 15 June 2016

Classical Communication Setting (à la Shannon)

The fundamental problem of communication is that of reproducing at one point (destination) either exactly or approximately a message selected at another point (source), given the cost of transmission.

SaTC - 15 June 2016

Classical Communication Setting (à la Shannon)

g h + w y u0 u1 x The fundamental problem of communication is that of reproducing at one point (destination) either exactly or approximately a message selected at another point (source), given the cost of transmission. T R

SaTC - 15 June 2016

Basic Architecture of a Communication System

• s. coder

channel

user

U1

• c. coder
• c. decoder
• s. decoder

source U0

Y

X

SaTC - 15 June 2016

Basic Architecture of a Communication System

• s. coder

channel

user

U1

• c. coder
• c. decoder
• s. decoder

source U0

Y

X What information to send

SaTC - 15 June 2016

Basic Architecture of a Communication System

• s. coder

channel

user

U1

• c. coder
• c. decoder
• s. decoder

source U0

Y

X How to send it

SaTC - 15 June 2016

Basic Architecture of a Communication System

• s. coder

channel

user

U1

• c. coder
• c. decoder
• s. decoder

source U0

Y

X Prob (Y=y | U0=u0)

SaTC - 15 June 2016

Classical Communication Setting (à la Shannon)

g h + w y u0 u1 x x, w ~ independent random variables u0, u1 are real valued variables J(g , h) = E [ Q(x, u0, u1) | g , h ] J* = min min J(g , h) T R

SLIDE 2

SaTC - 15 June 2016

Classical Communication Setting (à la Shannon)

g h + w y u0 u1 x x, w ~ independent random variables u0, u1 are real valued actions J(g , h) = E [ Q(x, u0, u1) | g , h ] J* = min min J(g , γ1) T R Standard distortion measure: Q(x, u0, u1) = k (u0)2 + (u1 - x)2

• r with k=0 & E[(u0)2] ≤ α

SaTC - 15 June 2016

A multi-channel extension

g h +

w1 y1

u0

u1

x

×

λ1 y2 yn

+ + × ×

wn λn

+

v λis are nonzero constants (gains); x, v, wis are independent random variables

SaTC - 15 June 2016

A multi-channel extension

g h +

w1 y1

u0

u1

x Distortion: Q(x, u0, u1) = k (u0)2 + (u1 - x)2

×

λ1 y2 yn

+ + × ×

wn λn

+

v yi = λI g(x+v) + wi

u0 = g(x+v)

u1 = h(y1,..,yn)

SaTC - 15 June 2016

Multiple Serial Decision Units

g hm

+ w0 ym u0 um

x + v x ~ N(0, σx

2), wi ~ N(0, σw 2), v ~ N(0, σv 2)

J(g0 , h[1,m]) = E [ Q(x, u0, u[1,m]) | g0 , h[1,m]] Q(x, u0, u[1,m]) = (um – x)2 + Σi=1

m (ui-1)2 + wm-1

h1

…. ….

SaTC - 15 June 2016

A multi-sensor transmission

Source (S)

x1

u1 +

w1 x2 xn

+ +

wn

g1 g2 gn + h y z Design {(g1, …, gn), h} to minimize a distortion at receiver, with wi, z noises

Receiver Network is a connected graph Nodes are agents / dynamic systems /mobile Links are one of three types of connections

Multi-agent networked systems as graphs

SaTC%&%15%June%2016 %

Links are one of three types of connections:

• Communication
• Collaboration
• Physical

! Layered graphs

Multi-agent networked systems as graphs

SaTC%&%15%June%2016 %

Intrusion/Intervention by an Adversary

Passive attack

• Eavesdropping (on transmission—a passive attack)

Active attacks

• Jamming (communication channels)
• Denial of service
• Message distortion (by flipping bits—active attack)
• Node capture and cloning (physically capturing sensor

nodes, replicatings the nodes, and deploying into the network)

SaTC - 15 June 2016

Some nodes could be adversarial:

• jamming communication
• interrupting collaboration
• breaking physical links

Leads to a game situation

! Conflic4ng%interests% %between%mul4ple%% coopera4ve%as%well%as% non&coopera4ve%agents%

SaTC%&%15%June%2016 %

SLIDE 3

Aerial Jamming Attack on the CommNet of a team of UAVs

The jammer wants to maximize the time for which communication can be jammed. The two UAVs want to minimize the time for which communication remains jammed.

SaTC - 15 June 2016 SaTC - 15 June 2016

Back to Classical Setting but with Channel Jammed

g h + w y u0 u1 x

v is the jamming signal generated by the adversary (J)

v

SaTC - 15 June 2016

Back to Classical Setting but with Channel Jammed

g h + w y u0 u1 x Q: What is known about the capabilities, information access, and objectives of J? v

SaTC - 15 June 2016

Back to Classical Setting but with Channel Jammed

g h + w y u0 u1 x Q: What is known about the capabilities, information access, and objectives of J? v For example: E[v2] ≤ α

SaTC - 15 June 2016

Back to Classical Setting but with Channel Jammed

g h + w y u0 u1 x Q: What is known about the capabilities, information access, and objectives of J? v J has access to some information, IJ,

• n x and u0 ! v = μ(IJ)

Looking for policies ( (g, h), μ ) possibly randomized

SaTC - 15 June 2016

Back to Classical Setting but with Channel Jammed

g h + w y u0 u1 x Standard distortion measure QIJ(x, u0, u1, v) = k0 (u0)2 + (u1 - x)2 with J’s constraint E[v2] ≤ α

• r

QIJ(x, u0, u1, v) = k0 (u0)2 + (u1 - x)2 – kJ v2 v

SaTC - 15 June 2016

Back to Classical Setting but with Channel Jammed

g h + w y u0 u1 x R(g, h, μ) := E[QIJ(x, u0, u1, v) | (g, h), μ ] v J has access to some information, IJ,

• n x and u0 ! v = μ(IJ)

Looking for policies ( (g, h), μ ) possibly randomized

SaTC - 15 June 2016

Back to Classical Setting but with Channel Jammed

g h + w y u0 u1 x R(g, h, μ) := E[QIJ(x, u0, u1, v) | (g, h),,μ ] v R is what the system cares about and hence a reasonable approach is inf(g, h) supμ R(g, h, μ) =: R* (UV of ZSG) If J behaves differently, then system does no worse than R* using the same policy pair.

SaTC - 15 June 2016

Upper and lower values, Saddle Point, and Nonzero-sum Games

g h + w y u0 u1 x v inf(g, h) supμ R(g, h, μ) =: R* (UV of ZSG) Lower value (LV) is: supμ inf(g, h) R(g, h, μ) ≤ R* If equal, then there is “value”, and possibility

• f SP: A triple (g*, h*, μ*) such that

R(g*, h*, μ) ≤ R(g*, h*, μ*) ≤ R(g, h, μ*) for all g, h, μ

SLIDE 4

SaTC - 15 June 2016

Upper and lower values, Saddle Point, and Nonzero-sum Games

g h + w y u0 u1 x v SP: A triple (g*, h*, μ*) such that R(g*, h*, μ) ≤ R(g*, h*, μ*) ≤ R(g, h, μ*) for all g, h, μ If J is known to have a different objective, say maximizing RJ , not fully aligned with R, then a NZSG ! Nash equilibrium: R(g*, h*, μ*) ≤ R(g, h, μ*) RJ(g*, h*, μ) ≤ RJ(g*, h*, μ*)

SaTC - 15 June 2016

Back to Classical Setting with Jammer

g h + w y u0 u1 x Take as distortion measure QIJ(x, u0, u1, v) = k0 (u0)2 + (u1 - x)2 – kJ v2 and assume x ~ N(0, σx

2), w ~ N(0, σw 2)

Then, there exists a SP, with the worst- case v comprised of two additive terms: (i) rv linearly correlated with IJ (ii) independent Gaussian rv v

SaTC - 15 June 2016

Back to Classical Setting with Jammer

g h + w y u0 u1 x Take as distortion measure QIJ(x, u0, u1, v) = k0 (u0)2 + (u1 - x)2 – kJ v2 and assume x ~ N(0, σx

2), w ~ N(0, σw 2)

Then, there exists a SP, with the worst- case v comprised of two additive terms: (i) rv linearly correlated with IJ (ii) independent Gaussian rv v And the minimizing g and h are linear in their respective information, and could also involve a discrete rv dictating which

• f multiple solutions T & R should pick

(coordination requires clean side channel

• r a signaling mechanism).

SaTC - 15 June 2016

Back to Classical Setting with Jammer

g h + w y u0 u1 x Take as distortion measure QIJ(x, u0, u1, v) = k0 (u0)2 + (u1 - x)2 – kJ v2 and assume x ~ N(0, σx

2), w ~ N(0, σw 2)

Then, there exists a SP, with the worst- case v comprised of two additive terms: (i) rv linearly correlated with IJ (ii) independent Gaussian rv v And the minimizing g and h are linear in their respective information, and could also involve a discrete rv dictating which

• f multiple solutions T & R should pick

(coordination requires clean side channel

• r a signaling mechanism.

In some regions of the parameter space, the SP enables the pair (g, h), with proper randomization and coordination, to neutralize J so that it discards/disregards its information and injects an independent noise into the channel.

SaTC - 15 June 2016

Back to Classical Setting with Jammer (J)

g h + w y u0 u1 x Take as distortion measure QIJ(x, u0, u1, v) = k0 (u0)2 + (u1 - x)2 – kJ v2 and assume x ~ N(0, σx

2), w ~ N(0, σw 2)

Then, there exists a SP, with the worst- case v comprised of two additive terms: (i) rv linearly correlated with IJ (ii) independent Gaussian rv v And the minimizing g and h are linear in their respective information, and could also involve a discrete rv dictating which

• f multiple solutions T & R should pick

(coordination requires clean side channel

• r a signaling mechanism.

Solutions and techniques extend to vector

• valued sources, multiple channels, multiple

jammers, and some classes of non-Gaussian distributions.

Refs: TB (TIT’83); TB&Wu (TIT’’85); TB&Wu (JOTA’86); Bansal & TB (JOTA’89); Akyol, Rose, TB (TIT’15)

SaTC - 15 June 2016

A multi-sensor transmission with adversary controling some nodes

Source (S)

x1

u1 +

w1 x2 xn

+ +

wn

g1 g2 µn + h y z Nodes m+1,..,n controled by adversaries, injecting signals xm+1,…,xn to maximize distortion at receiver.

Receiver

A multi-sensor transmission with adversary controling some nodes (2)

• Sensor policies: xi = gi(s+wi), i=1,…,m
• Adversary policies: xj=µj(s+wi), j=m+1,…, n
• Receiver policy: u1 = h(y), y=Σixi + Σjxj + z
• Distortion measure: QSJ(s, {xi}, u1, {xj}) =

= (u1-s)2 + kΣi (xi)2 – kJΣj (xj)2

• Zero-sum game: R(g, h, μ) :=

:= E[QSJ(s, {xi}, u1, {xj}) | ({gi}, h),,{{μj} ]

SaTC - 15 June 2016

A multi-sensor transmission with adversary controling some nodes (3)

Looking for a SP solution for R(g, h, μ) with (g, h) as minimizers, and μ as maximizer, with each gi possibly randomized, and likewise each μj, with also coordination among the m sensors and the receiver, and likewise among the n-m adversaries.

SaTC - 15 June 2016

A multi-sensor transmission with adversary controling some nodes (4)

Solution (Akyol, Rose, TB (ISIT’13)):

• With all statistics Gaussian, the best for

sensors is to use randomized linear transformations for gi ‘s, and share the randomization information with the receiver.

• For the adversaries, SP solution dictates

Gaussian xj‘s, correlated across them

• With lack of coordination among adversaries,

the system benefits, i.e. R is lower.

SaTC - 15 June 2016

SLIDE 5

SaTC - 15 June 2016

SIT with Privacy Constraints

(also a game but not ZS) g h + w y u0 u1 x, θ Common cost: JR(g , h) = E{(u1 – x)2} Privacy constraint: JT(g , h) = E{(θ – E[θ|y])2} ≥ DP (*) Find gS that minimizes JR(g , hS) st (*) holds, where hS = h(g) minimizes JR(g , h) uniquely for all g. T R

Soft Watermarking Game

SaTC - 15 June 2016

Watermark X U0 Y U1 S Signal Constraints: E{(g(X,S) – S)2} ≤ PE E{(Y – U0)2} ≤ PA Distortion: E{h(Y) – X)2} ! R(g,h; µ) UV is: infg infh supµ R(g,h; µ)

Encoder g(X,S) Attacker µ Decoder h(Y)

Soft Watermarking Game

SaTC - 15 June 2016

Watermark X U0 Y U1 S Signal Constraints: E{(g(X,S) – S)2} ≤ PE E{(Y – U0)2} ≤ PA Distortion: E{h(Y) – X)2} ! R(g,h; µ) UV is: infg infh supµ R(g,h; µ)

Encoder g(X,S) Attacker µ Decoder h(Y)

With X, S, Gaussian, worst-case µ is affine- Gaussian -- (Mıhçak, Akyol, TB, Langbort 2016)

SaTC - 15 June 2016

Denial of Service Attack

(Gupta, Nayyar, Langbort, TB; CDC’12)

γ0 γ1 + y u0 u1 x

• Transmitter (T) observes x and decides

whether to transmit or not

• Jammer (J) observes T’s action and decides

whether to deny service or not

• Both actions incur cost (inactions do not)
• Receiver (R) incurs no cost if transmission is

unblocked; otherwise cost is var(x2)

v

T J R

SaTC - 15 June 2016

Denial of Service Attack

(Gupta, Nayyar, Langbort, TB; CDC’12)

γ0 γ1 + y u0 u1 x

• Transmitter (T) observes x and decides

whether to transmit or not

• Jammer (J) observes T’s action and decides

whether to deny service or not

• Both actions incur cost
• Receiver (R) incurs no cost if transmission

unblocked; otherwise cost is var(x2)

v

T J R

If T uses strategy ϒ, ϒ(x) = αx, α=0 or 1, and J blocks w.p. p, then cost to T-R: J(ϒ,p) = E[ c 1{α=1} – d 1{v=B} + (x-xest)2 ] to be minimized by T and maximized by J Best responses are of the threshold type

Best responses

• min J(ϒ,0) ! α* = 1 if |x|2 > c
• min J(ϒ,1) ! α* = 1 if d > c
• for 0 < p < 1, min J(ϒ,p) !

α* = 1 if |x|2 > Δp := (c-pd) / (1-p)

• p* = 1 if E [x2 | α = 1 ] > d

= 0 if E [x2 | α = 1 ] < d (0,1) if E [x2 | α = 1 ] = d

SaTC - 15 June 2016

An equivalent game and its SP solution

• Original dynamic game with asymmetric

information is now a static game (with symmetric information) in Δ (threshold) & p

• Admits a SP, where Δ and p could take inner

values (finite non-zero Δ, and proper mixed for J)

SaTC - 15 June 2016

Multi-stage version with limits

• n frequency of blocking
• Source {xt} i.i.d. zero-mean Gaussian
• N-stage additive cost, but J can block M < N

times

• J knows all past actions, and current action
• f T
• T knows all past actions, and past and

present values of source output

• State st (common information): # blockings

SaTC - 15 June 2016

Multi-stage version with limits

• n frequency of blocking (2)
• Original dynamic game with asymmetric

information can be “lifted” to one with symmetric information, and results of static game applied iteratively, but now also by keeping track of st

• SP solution is again of the threshold type,

with Δt and pt now depending on st.

• Extension to correlated source outputs …..

SaTC - 15 June 2016

SLIDE 6

Intrusion Detection System (IDS) A Class of Network Security Games

• Interaction between attacker(s) and the IDS is

modeled as a non-cooperative game

SaTC - 15 June 2016

Intrusion Detection System (IDS) A Class of Network Security Games

• Interaction between attacker(s) and the IDS is

modeled as a non-cooperative game

• A sensor network is introduced as a third, fictitious

player, with a fixed probability distribution for each attack type

SaTC - 15 June 2016

Intrusion Detection System (IDS) A Class of Network Security Games

• Interaction between attacker(s) and the IDS is

modeled as a non-cooperative game

• A sensor network is introduced as a third, fictitious

player, with a fixed probability distribution for each attack type

• Output of the sensor network is measurement to IDS,

based on which it decides on the presence (or not) of an attack and its type

SaTC - 15 June 2016

Intrusion Detection System (IDS) A Class of Network Security Games

• Interaction between attacker(s) and the IDS is

modeled as a non-cooperative game

• A sensor network is introduced as a third, fictitious

player, with a fixed probability distribution for each attack type

• Output of the sensor network is measurement to IDS,

based on which it decides on the presence (or not) of an attack and its type

• Payoffs to attacker(s) and IDS for each triple of

actions

SaTC - 15 June 2016

A Class of Network Security Games (continued)

• Finite or infinite (continuous-kernel) NZS games

depending on whether # actions is finite or not.

SaTC - 15 June 2016

A Class of Network Security Games (continued)

• Finite or infinite (continuous-kernel) NZS games

depending on whether # actions is finite or not.

• As a finite game, there is a NE in mixed strategies:

worst probabilistic attacker behavior and corresponding best IDS strategy

SaTC - 15 June 2016

A Class of Network Security Games (continued)

• Finite or infinite (continuous-kernel) NZS games

depending on whether # actions is finite or not.

• As a finite game, there is a NE in mixed strategies:

worst probabilistic attacker behavior and corresponding best IDS strategy

• As a continuous-kernel game, there exists a unique NE

under some mild conditions

SaTC - 15 June 2016

A Class of Network Security Games (continued)

• Finite or infinite (continuous-kernel) NZS games

depending on whether # actions is finite or not.

• As a finite game, there is a NE in mixed strategies:

worst probabilistic attacker behavior and corresponding best IDS strategy

• As a continuous-kernel game, there exists a unique NE

under some mild conditions

• If payoffs are completely conflicting (zero-sum),

there exist saddle-point solutions

SaTC - 15 June 2016

A Finite Security Game in Extensive Form (single subsystem, single detectable threat)

SaTC - 15 June 2016

SLIDE 7

Selected References

• Network Security: A Decision and Game-

Theoretic Approach (Alpcan, TB, CUP, 2011)

• Game theory meets network security and privacy

(Manshei, Zhu, Alpcan, TB, Hubaux; ACM Survey, ‘12)

• A hierarchical security architecture for the smart

grid (Zhu, TB; in Hossain, Han, Poor, edts, Smart Grid Communications and Networking, CUP, 2012)

• Hybrid learning in stochastic games and its

applications in network security (Zhu, TB; in Lewis, Liu, edts, Computational Intelligence Series, IEEE’12)

• Game Theory in Wireless and Comm Nets (Han,

Niyato, Saad, TB, Hjorunges; CUP, Oct 2011)

SaTC - 15 June 2016 SaTC - 15 June 2016

• Network Security

Concepts

• Security Games (SGs)
• Deterministic SGs
• Stochastic SGs
• SGs w information

limitations

• Decision Making for

Network Security

• Security risk-management
• Resource allocation for

security

• Usability, trust, and privacy
• Security Attack and

Intrusion Detection

• Machine learning for

intrusion and anomaly detection

• Hypothesis testing for

attack detection

SaTC - 15 June 2016

Thanks!!