Abstract
Stochastic game theoretic framework has been used in many fields of networks with interactive behaviors. However, further use of this framework is limited due to the following reasons. Firstly, it is difficult to build comprehensive and rigorous models for complex network structures by the state-based game model. Secondly, solving and extending the dynamic behaviors of participators of the network are nearly impossible, because of the complexity of state transitions. Last but not least, general game model is not able to describe and analyze specific events and behaviors in some kinds of networks, like enterprise networks. In this paper, we propose a new modeling paradigm (stochastic game net, or SGN) for stochastic games representation with Petri nets. Based on our graphical tool, stochastic game problems can be described clearly, and the model can be solved and extended easily. Moreover, this paper puts forth a series of methods for modeling and analyzing the competitive game by SGN, which is the main contribution of this work. Our achievements are applied to the security analysis for enterprise networks. The analysis results prove the powerful ability of our achievements in solving the complicated and dynamic game problems. Furthermore, our approaches can be used to calculate the existence and the value of an equilibrium point.
This is a preview of subscription content, log in via an institution to check access.
Similar content being viewed by others
References
Lye, K., Wing, J.M.: Game strategies in network security. In: Proceedings of 15th IEEE Computer Security Foundations Workshop (2002)
Mahimkar, A., Shmatikov, V.: On the advantage of network coding for improving network throughput. In: Proceedings of 18th IEEE Computer Security Foundations Workshop (2005)
Liu P., Zang W., Yu M.: Incentive-based modeling and inference of attacker intent, objectives, and strategies. ACM Trans. Inf. Syst. Secur. 8(1), 78–118 (2005)
Wang, X., Reiter, M.: Defending against denial-of-service attacks with puzzle auctions. In: Proceedings of IEEE Security and Privacy (2003)
Bencsth, B., Buttyn, L., Vajda, I.: A game based analysis of the client puzzle approach to defend against dos attacks. In: Proceedings of IEEE Conference on Software, Telecommunications and Computer Networks (2003)
Xu J., Lee W.: Sustaining availability of web services under distributed denial of service attacks. IEEE Trans. Comput. 52(2), 195–208 (2003)
Browne, R.: Defensive infrastructure for survivability against multi-mode attacks. In: Proceedings of 21st Century Military Communication-Architectures and Technologies for Information Superiority (2000)
Nicol, D.M., Sanders, W.H., Trivedi, K.S.: Model-based evaluation: from depend-ability to security. IEEE Trans. Dependability Secur. Comput. 1(1), 48–65 (2004)
Shapley, L.S.: Stochastic games. In: Proceedings of the National Academy of Sciences, pp. 1095–1100. (1953)
Molloy M.K.: Performance analysis using stochastic petri nets. IEEE Trans. Comput. 31(9), 913–917 (1982)
Ciardo, G., Blakemore, A., Chimento, P.F., Trivedi, K.S.: Automated Generation and Analysis of Markov Reward Models Using Stochastic Reward Nets. In: Meyer, C., Plemmons, R. (eds.) Linear Algebra, Markov Chains and Queuing Models, IMA Volumes in Mathematics and its Applications, vol. 48, pp. 145–191. Springer, Heidelberg (1993)
Wang, Y.Z., Lin, C., Wang, Y., Meng,K.: Security analysis of enterprise network based on Stochastic game nets model. ICC ’09 Communica-tion and Information Systems Security Symposium (2009)
Lin, C., Wang, Y., Wang, Y.: A Stochastic game nets based approach for network security analysis. In: Proceedings of the 29th International Conference on Application and Theory of Petri Nets and other Models of Concurrency, Concurrency methods: Issues and Applications, pp. 21–23 (2008)
Nash, J.: Equilibrium points in n-person games. In: Proceedings of the National Academy of Science, vol. 36, pp. 48–49. (1950)
Stoneburner, G., Goguen, A., Feringa, A.: Risk management guide for information technology systems. National Institute of Standards and Technology, Gaithersburg, Special Publication, 800(30). http://csrc.nist.gov/publications/nistpubs/800-30/sp800-30.pdf(2001). Accessed 1 Jun 2007
Ciaodo, G., Muppala, J., Trivedi, K.S.: SPNP: Stochastic Petri net package, In: Proceedings of Petri Nets and Performance Models, pp. 142–151. (1989)
United States-Computer Emergency Response Team. http://www.us-cert.gov/
Wang, Y., Lin, C., Meng, K.,: Security analysis for online banking system using hierarchical Stochastic game nets model. In: Proceeding of IEEE Global Communications Conference (2009)
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
About this article
Cite this article
Wang, Y., Yu, M., Li, J. et al. Stochastic game net and applications in security analysis for enterprise network. Int. J. Inf. Secur. 11, 41–52 (2012). https://doi.org/10.1007/s10207-011-0148-z
Published:
Issue Date:
DOI: https://doi.org/10.1007/s10207-011-0148-z