A Network Security Risk Assessment Framework Based on Game Theory

Author

He, Wei ; Xia, Chunhe ; Zhang, Cheng ; Ji, Yi ; Ma, Xinyi

Author_Institution

Sch. of Comput. Sci. & Eng., Beihang Univ., China

Volume

2

fYear

2008

fDate

13-15 Dec. 2008

Firstpage

249

Lastpage

253

Abstract

Network security risk assessment depends on the prediction of attackerÂ¿s behavioral decision. In computer network attack and defense area, this kind of decision is the optimal judgment for attackers and defenders themselves in consideration of the opponentsÂ¿ strategy spaces. Thus, The attack and defend behavior can be seen as a game process. In this paper, we studied how to bring game theory into the research area of network security risk assessment. First, we analyze the concept and the process of risk assessment to find the combining point where game theory can be used in network security risk assessment. Then we present a risk assessment framework based on game theory, and set up a risk assessment system using this framework. We emphatically introduce GTADM (game theoretical attack-defense model) and HRCM (hierarchical risk computing model) in the system, and provide detailed analysis and specification by a scenario.

Keywords

computer networks; decision theory; game theory; risk management; telecommunication security; GTADM; HRCM; attacker behavioral decision; game process; game theoretical attack-defense model; hierarchical risk computing model; network security risk assessment; Computer networks; Computer science; Computer security; Data security; Game theory; Helium; History; Information security; Risk analysis; Risk management; GTADM; Game Theory; HRCM; network security risk assessment framework;

fLanguage

English

Publisher

ieee

Conference_Titel

Future Generation Communication and Networking, 2008. FGCN '08. Second International Conference on

Conference_Location

Hainan Island

Print_ISBN

978-0-7695-3431-2

Type

conf

DOI

10.1109/FGCN.2008.166

Filename

4734216