A Stackelberg Game Model for Botnet Data Exfiltration
نویسندگان
چکیده
Cyber-criminals can distribute malware to control computers on a networked system and leverage these compromised computers to perform their malicious activities inside the network. Botnet-detection mechanisms, based on a detailed analysis of network traffic characteristics, provide a basis for defense against botnet attacks. We formulate the botnet defense problem as a zero-sum Stackelberg security game, allocating detection resources to deter botnet attacks taking into account the strategic response of cyber-criminals. We model two different botnet data-exfiltration scenarios, representing exfiltration on single or multiple paths. Based on the game model, we propose algorithms to compute an optimal detection resource allocation strategy with respect to these formulations. Our algorithms employ the double-oracle method to deal with the exponential action spaces for attacker and defender. Furthermore, we provide greedy heuristics to approximately compute an equilibrium of these botnet defense games. Finally, we conduct experiments based on both synthetic and real-world network topologies to demonstrate advantages of our game-theoretic solution compared to previously proposed defense policies.
منابع مشابه
Online Appendix: A Stackelberg Game Model for Botnet Data Exfiltration
Proof. Let’s consider an arbitrary instance of the urban network security problem. There is an urban road network which is represented as a graph G = (V,E). The attacker starts at one of the source nodes s ∈ S ⊂ V and travels along a path to attack one of the targets t ∈ T ⊂ V. The attacker’s pure strategies are all possible paths in the graph, each starts from a source s ∈ S and ends at a targ...
متن کاملA mixed integer bi-level DEA model for bank branch performance evaluation by Stackelberg approach
One of the most complicated decision making problems for managers is the evaluation of bank performance, which involves various criteria. There are many studies about bank efficiency evaluation by network DEA in the literature review. These studies do not focus on multi-level network. Wu (Eur J Oper Res 207:856–864, 2010) proposed a bi-level structure for cost efficiency at the first time. In t...
متن کاملA Novel Model for the Analysis of Interactions Between Governments and Agricultures in a Study of Social Beneficial Externalities Based on the Stackelberg Game: A Case Study on Cotton Production
Production is a key economic activity with potential long-term social benefits that can be thoroughly realised only if governments comply with their duties towards domestic production. Governments are responsible for the production of sustainable agricultural products via appropriate allocation of subsidies and regulation of price policies that would help take advantage of the potentials underl...
متن کاملA mathematical model of the effect of subsidy transfer in cooperative advertising using differential game theory
This work deals with subsidy transfer from a manufacturer to a retailer through the distributor in cooperative advertising. While the retailer engages in local advertising, the manufacturer indirectly participates in retail advertising using advertising subsidy which is given to the distributor, who in turn transfers it to the retailer. The manufacturer is the Stackelberg game leader; the distr...
متن کاملPricing and Advertising Decisions in a Three-level Supply Chain with Nash, Stackelberg and Cooperative Games
Pricing and advertising are two important marketing strategies in the supply chain management which lead to customer demand’s increase and therefore higher profit for members of supply chains. This paper considers advertising, and pricing decisions simultaneously for a three-level supply chain with one supplier, one manufacturer and one retailer. The amount of market demand is influenced ...
متن کامل