By Topic

A Game Theoretical Attack-Defense Model Oriented to Network Security Risk Assessment

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$31 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

5 Author(s)
Wei He ; Sch. of Comput. Sci. & Eng., Beihang Univ., Beijing ; Chunhe Xia ; Haiquan Wang ; Cheng Zhang
more authors

How to quantify the threat probability in network security risk assessment is an important problem to be solved. Most of the existing methods tend to consider the attacker and defender separately. However, the decision to perform the attack is a trade-off between the gain from a successful attack and the possible consequences of detection; meanwhile, the defenderpsilas security strategy depends mostly on the knowledge of the intentions of the attacker. Therefore, ignoring the connections between the attacker and defenderpsilas decisions does not correspond to reality. Game theory is the study of the ways in which strategic interactions among rational players produce outcomes with respect to the utilities of those players. In this paper, a novel game theoretical attack-defense model (GTADM) which quantifies the probability of threats is proposed in order to construct a risk assessment framework. According to the cost-benefit analysis, we define the method of formulating the payoff matrix; the equilibrium of the model is also analyzed. In the end, a simple scenario is presented to illustrate the usage of GTADM in the risk assessment framework to show its efficiency.

Published in:

Computer Science and Software Engineering, 2008 International Conference on  (Volume:3 )

Date of Conference:

12-14 Dec. 2008