Multi-Player Evolutionary Game of Network Attack and Defense Based on System Dynamics
<p>Number of EU users attacked by financial malware from May 2020–April 2021. (source: Kaspersky Security Bulletin 2020–2021. EU statistics|Securelist).</p> "> Figure 2
<p>Multi-player game in network attack and defense.</p> "> Figure 3
<p>Evolutionary game system dynamics (SD) model of network attack and defense.</p> "> Figure 4
<p>Game results under initial strategy <math display="inline"><semantics> <mrow> <msub> <mi>E</mi> <mrow> <mn>10</mn> </mrow> </msub> </mrow> </semantics></math>.</p> "> Figure 5
<p>A mutation exists in the game results; <math display="inline"><semantics> <mrow> <msub> <mi>E</mi> <mrow> <mn>10</mn> </mrow> </msub> <mo stretchy="false">(</mo> <mi>α</mi> <mo>→</mo> <mn>0.01</mn> <mo stretchy="false">)</mo> </mrow> </semantics></math>.</p> "> Figure 6
<p>Effect of different penalty factors on defender in static penalty scheme.</p> "> Figure 7
<p>Effect of different penalty factors on attacker (1) in static penalty scheme.</p> "> Figure 8
<p>Evolutionary game SD model under the dynamic penalty scheme.</p> "> Figure 9
<p>Game results under dynamic penalty scheme <math display="inline"><semantics> <mrow> <mo stretchy="false">(</mo> <mi>α</mi> <mrow> <mo>=</mo> <mn>0.1</mn> <mo>,</mo> </mrow> <mo> </mo> <msub> <mi>β</mi> <mn>1</mn> </msub> <mrow> <mo>=</mo> <mn>0.4</mn> <mo>,</mo> </mrow> <mo> </mo> <msub> <mi>β</mi> <mn>2</mn> </msub> <mrow> <mo>=</mo> <mn>0.9</mn> </mrow> <mo stretchy="false">)</mo> </mrow> </semantics></math>.</p> "> Figure 10
<p>Game results under dynamic penalty scheme <math display="inline"><semantics> <mrow> <mo stretchy="false">(</mo> <mi>α</mi> <mrow> <mo>=</mo> <mn>0.5</mn> <mo>,</mo> </mrow> <mo> </mo> <msub> <mi>β</mi> <mn>1</mn> </msub> <mrow> <mo>=</mo> <mn>0.5</mn> <mo>,</mo> </mrow> <mo> </mo> <msub> <mi>β</mi> <mn>2</mn> </msub> <mrow> <mo>=</mo> <mn>0.5</mn> </mrow> <mo stretchy="false">)</mo> </mrow> </semantics></math>.</p> ">
Abstract
:1. Introduction
2. Literature Review
- 1:
- The model in this paper organically combines evolutionary game theory and system dynamics to analyze the game process of defenders and attackers during network attack and defense.
- 2:
- Different from previous work, we consider the mutual influence between attackers instead of each attacker being independent, which is more in line with actual network attack and defense scenarios.
- 3:
- The multi-player evolutionary game model that is established in this paper analyzes the strategic choices of each party in different schemes through system dynamics simulation combined with theoretical analysis, which provides essential strategic suggestions for organizations to govern network security problems.
3. Multi-Player Evolutionary Game Analysis of Network Attack and Defense
3.1. Game Design and Description
3.2. Game Solution
Jacobian matrix definitions | Details |
3.3. Game Analysis Based on System Dynamics
4. Stability Control Schemes of Network Attack and Defense
4.1. Static Penalty Scheme
4.2. Dynamic Penalty Scheme
Jacobian matrix definitions | Details |
5. Discussion and Managerial Implications
6. Conclusions
Author Contributions
Funding
Institutional Review Board Statement
Informed Consent Statement
Data Availability Statement
Conflicts of Interest
References
- Kaspersky Security Bulletin 2020–2021. EU Statistics; Kaspersky Security Bulletin: Moscow, Russia, 2021.
- Global Information Security Survey in 2019; Pricewaterhouse Coopers: Shanghai, China, 2019.
- Hawkins, S.; Yen, D.C.; Chou, D.C. Awareness and challenges of Internet security. Inf. Manag. Comput. Secur. 2000, 8, 131–143. [Google Scholar] [CrossRef]
- Zhang, H.; Jiang, L.; Huang, S.; Wang, J.; Zhang, Y. Attack-defense differential game model for network defense strategy selection. IEEE Access 2018, 7, 50618–50629. [Google Scholar] [CrossRef]
- Do, C.T.; Tran, N.H.; Hong, C.; Kamhoua, C.A.; Kwiat, K.A.; Blasch, E.; Ren, S.; Pissinou, N.; Iyengar, S.S. Game theory for cyber security and privacy. ACM Comput. Surv. 2017, 50, 1–37. [Google Scholar] [CrossRef]
- Roy, S.; Ellis, C.; Shiva, S.; Dasgupta, D.; Shandilya, V.; Wu, Q. A survey of game theory as applied to network security. In Proceedings of the 2010 43rd Hawaii International Conference on System Sciences, Kauai, HI, USA, 5–8 January 2010; pp. 1–10. [Google Scholar]
- Yu, Y.; Taylor, O.; Li, R.; Sunagawa, B. An Extended Chaotic Map-Based Authentication and Key Agreement Scheme for Multi-Server Environment. Mathematics 2021, 9, 798. [Google Scholar] [CrossRef]
- El Mrabet, Z.; Kaabouch, N.; El Ghazi, H.; El Ghazi, H. Cyber-security in smart grid: Survey and challenges. Comput. Electr. Eng. 2018, 67, 469–482. [Google Scholar] [CrossRef] [Green Version]
- Liu, Q.; Li, X.; Meng, X. Effectiveness research on the multi-player evolutionary game of coal-mine safety regulation in China based on system dynamics. Saf. Sci. 2019, 111, 224–233. [Google Scholar] [CrossRef]
- Forrester, J.W. System dynamics, systems thinking, and soft OR. Syst. Dyn. Rev. 1994, 10, 245–256. [Google Scholar] [CrossRef]
- Coyle, R.G. System dynamics modelling: A practical approach. J. Oper. Res. Soc. 1997, 48, 544. [Google Scholar] [CrossRef]
- Homer, J.B.; Hirsch, G.B. System dynamics modeling for public health: Background and opportunities. Am. J. Public Health 2006, 96, 452–458. [Google Scholar] [CrossRef]
- Pawar, M.V.; Anuradha, J. Network security and types of attacks in network. Procedia Comput. Sci. 2015, 48, 503–506. [Google Scholar] [CrossRef]
- Liang, X.; Xiao, Y. Game theory for network security. IEEE Commun. Surv. Tutor. 2012, 15, 472–486. [Google Scholar] [CrossRef] [Green Version]
- Feng, Z.; Ren, G.; Chen, J.; Chen, C.; Yang, X.; Luo, Y.; Xu, K. An anti-Jamming hierarchical optimization approach in relay communication system via Stackelberg game. Appl. Sci. 2019, 9, 3348. [Google Scholar] [CrossRef] [Green Version]
- Jia, L.; Xu, Y.; Sun, Y.; Feng, S.; Anpalagan, A. Stackelberg game approaches for anti-jamming defence in wireless networks. IEEE Wirel. Commun. 2018, 25, 120–128. [Google Scholar] [CrossRef] [Green Version]
- Yuan, H.; Xia, Y.; Zhang, J.; Yang, H.; Mahmoud, M.S. Stackelberg-game-based defense analysis against advanced persistent threats on cloud control system. IEEE Trans. Ind. Inform. 2019, 16, 1571–1580. [Google Scholar] [CrossRef]
- Li, Y.; Shi, D.; Chen, T. False data injection attacks on networked control systems: A Stackelberg game analysis. IEEE Trans. Autom. Control 2018, 63, 3503–3509. [Google Scholar] [CrossRef]
- Jakóbik, A.; Palmieri, F.; Kołodziej, J. Stackelberg games for modeling defense scenarios against cloud security threats. J. Netw. Comput. Appl. 2018, 110, 99–107. [Google Scholar] [CrossRef]
- Carroll, T.E.; Grosu, D. A game theoretic investigation of deception in network security. Secur. Commun. Netw. 2011, 4, 1162–1172. [Google Scholar] [CrossRef]
- Zhang, H.; Wang, J.; Yu, D.; Han, J.; Li, T. Active defense strategy selection based on static Bayesian game. In Proceedings of the Third International Conference on Cyberspace Technology (CCT 2015), Beijing, China, 17–18 October 2015; pp. 1–7. [Google Scholar]
- Laszka, A.; Horvath, G.; Felegyhazi, M.; Buttyán, L. FlipThem: Modeling targeted attacks with FlipIt for multiple resources. In Proceedings of the International Conference on Decision and Game Theory for Security, Los Angeles, CA, USA, 6–7 November 2014; pp. 175–194. [Google Scholar]
- Zhu, B.; Deng, S.; Xu, Y.; Yuan, X.; Zhang, Z. Information security risk propagation model based on the SEIR infectious disease model for smart grid. Information 2019, 10, 323. [Google Scholar] [CrossRef] [Green Version]
- Wang, Q.; Tai, W.; Tang, Y.; Ni, M.; You, S. A two-layer game theoretical attack-defense model for a false data injection attack against power systems. Int. J. Electr. Power Energy Syst. 2019, 104, 169–177. [Google Scholar] [CrossRef]
- Friedman, D. On economic applications of evolutionary game theory. J. Evol. Econ. 1998, 8, 15–43. [Google Scholar] [CrossRef] [Green Version]
- Hofbauer, J.; Sigmund, K. Evolutionary game dynamics. Bull. Am. Math. Soc. 2003, 40, 479–519. [Google Scholar] [CrossRef] [Green Version]
- Newton, J. Evolutionary game theory: A renaissance. Games 2018, 9, 31. [Google Scholar] [CrossRef] [Green Version]
- Shi, L.; Wang, X.; Hou, H. Research on Optimization of Array Honeypot Defense Strategies Based on Evolutionary Game Theory. Mathematics 2021, 9, 805. [Google Scholar] [CrossRef]
- Feng, S.; Xiong, Z.; Niyato, D.; Wang, P. Dynamic resource management to defend against advanced persistent threats in fog computing: A game theoretic approach. IEEE Trans. Cloud Comput. 2019, 9, 995–1007. [Google Scholar] [CrossRef]
- Feng, S.; Xiong, Z.; Niyato, D.; Wang, P.; Leshem, A. Evolving risk management against advanced persistent threats in fog computing. In Proceedings of the 2018 IEEE 7th International Conference on Cloud Networking (CloudNet), Tokyo, Japan, 22–24 October 2018; pp. 1–6. [Google Scholar]
- Hu, H.; Liu, Y.; Zhang, H.; Pan, R. Optimal network defense strategy selection based on incomplete information evolutionary game. IEEE Access 2018, 6, 29806–29821. [Google Scholar] [CrossRef]
- Hu, H.; Liu, Y.; Chen, C.; Zhang, H.; Liu, Y. Optimal decision making approach for cyber security defense using evolutionary game. IEEE Trans. Netw. Serv. Manag. 2020, 17, 1683–1700. [Google Scholar] [CrossRef]
- Huang, W.; Yuan, B.; Wang, S.; Zhang, X. Research on Simulation of Network Attack and Defense situation based on Evolutionary Game. In Proceedings of the 2020 The 9th International Conference on Networks, Communication and Computing, Tokyo, Japan, 18–20 December 2020; pp. 96–103. [Google Scholar]
- Wu, Y.; Feng, G.; Wang, N.; Liang, H. Game of information security investment: Impact of attack types and network vulnerability. Expert Syst. Appl. 2015, 42, 6132–6146. [Google Scholar] [CrossRef]
- Liu, X.; Qian, X.; Pei, J.; Pardalos, P.M. Security investment and information sharing in the market of complementary firms: Impact of complementarity degree and industry size. J. Glob. Optim. 2018, 70, 413–436. [Google Scholar] [CrossRef]
- Li, Y.; Xu, L.; Liu, B. Evolutionary game analysis on e-commerce personalization and privacy protection. Wuhan Univ. J. Nat. Sci. 2018, 23, 17–24. [Google Scholar] [CrossRef]
- Wu, Y.; Xiao, H.; Dai, T.; Cheng, D. A game-theoretical model of firm security reactions responding to a strategic hacker in a competitive industry. J. Oper. Res. Soc. 2021, 1–25. [Google Scholar] [CrossRef]
- Li, X.; Xue, Q. An economic analysis of information security investment decision making for substitutable enterprises. Manag. Decis. Econ. 2021, 42, 1306–1316. [Google Scholar] [CrossRef]
- Li, X. An evolutionary game—Theoretic analysis of enterprise information security investment based on information sharing platform. Manag. Decis. Econ. 2021. [Google Scholar] [CrossRef]
- Howard, R.A. Information value theory. IEEE Trans. Syst. Sci. Cybern. 1966, 2, 22–26. [Google Scholar] [CrossRef]
- Selten, R. Models of Strategic Rationality; Springer Science & Business Media: Berlin, Germany, 2013; Volume 2. [Google Scholar]
- Smith, J.M. Evolutionary game theory. Phys. D Nonlinear Phenom. 1986, 22, 43–49. [Google Scholar] [CrossRef]
- Friedman, D. Evolutionary games in economics. Econom. J. Econom. Soc. 1991, 59, 637–666. [Google Scholar] [CrossRef] [Green Version]
- You, M.; Li, S.; Li, D.; Cao, Q.; Xu, F. Evolutionary game analysis of coal-mine enterprise internal safety inspection system in China based on system dynamics. Resour. Policy 2020, 67, 101673. [Google Scholar] [CrossRef]
- Liu, Q.; Li, X.; Hassall, M. Evolutionary game analysis and stability control scenarios of coal mine safety inspection system in China based on system dynamics. Saf. Sci. 2015, 80, 13–22. [Google Scholar] [CrossRef]
- Regulation(EU) 2019/881 of the European Parliament and of the Council of 17 April 2019; European Union Agency for Cybersecurity: Marousi, Greece, 2019.
Variables | Meanings of the Variables | Notes |
---|---|---|
Probability of the defender choosing to strengthen the defense of the system | ||
Probability of the attacker() choosing to attack the system | ||
Cost of attack for the attacker(), including the cost of manpower, equipment, technical research, etc. | ||
Gain factor for attackers to obtain valuable information from the defender | ||
Value of the defender’s information assets | ||
Penalty factor for attackers | ||
The original defensive cost of the defender | ||
Defensive cost after strengthening the defense | ||
Reputational loss when defender leaks information |
Strategy of Attacker (1) | Strategy of Attacker (2) | |
---|---|---|
Attack (β2) | Do not attack (1 − β2) | |
Strategy of Attackers | Strategy of Defender | |
---|---|---|
Strengthen the Defense (α) | Maintain the Original Defense (1 − α) | |
Equilibrium Solution | λ1 | λ2 | λ3 |
---|---|---|---|
Variables | Meanings of the Variables | Initial Values |
---|---|---|
Cost of attack for attacker (), including the cost of manpower, equipment, etc. | 8 | |
Cost of attack for attacker (), including the cost of manpower, equipment, etc. | 11 | |
Gain factor for attackers to obtain defender’s valuable information | 0.8 | |
The value of the defender’s information assets | 20 | |
Penalty factor for attackers | 0.7 | |
The original defensive cost of the defender | 2 | |
Defensive cost after strengthening the defense | 14 | |
Reputational loss when defender leaks information | 8 |
Publisher’s Note: MDPI stays neutral with regard to jurisdictional claims in published maps and institutional affiliations. |
© 2021 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/).
Share and Cite
Yang, P.; Gao, F.; Zhang, H. Multi-Player Evolutionary Game of Network Attack and Defense Based on System Dynamics. Mathematics 2021, 9, 3014. https://doi.org/10.3390/math9233014
Yang P, Gao F, Zhang H. Multi-Player Evolutionary Game of Network Attack and Defense Based on System Dynamics. Mathematics. 2021; 9(23):3014. https://doi.org/10.3390/math9233014
Chicago/Turabian StyleYang, Pengxi, Fei Gao, and Hua Zhang. 2021. "Multi-Player Evolutionary Game of Network Attack and Defense Based on System Dynamics" Mathematics 9, no. 23: 3014. https://doi.org/10.3390/math9233014