Electronic Theses and Dissertations

Identifier

2484

Date

2015

Document Type

Dissertation

Degree Name

Doctor of Philosophy

Major

Computer Science

Committee Chair

Sajjan Shiva

Committee Member

Vasile Rus

Committee Member

Stan Franklin

Committee Member

Lan Wang

Abstract

The security systems built to secure the computer network systems have to addressdynamically changing attacks, like Stuxnet computer worm. To build a robust securitysystem using game theory, a formulation of the generic network security relatedactivities as a game is the central requirement. A game model capable of fecilitating thetypical security games is needed. The model should provide formal guarantees andacceptable bounded outcomes to be reliably useful. Such a generic model is aconvenient framework to derive many game models specifically optimized/targeted forparticular attacks.The model when instantiated with the inputs from a securitysituation will result in a security game. Given such a game, the favorable equilibriumcan be ’reasonably’ computed, and the corresponding strategy can be identified leadingto the equilibrium. Given the strategy, the corresponding actions/action-sequence ateach state can be identified. Given the actions/action-sequence for the game at eachstate, the corresponding computer-network-administrative actions amounting to theprescribed action in the game could be resolved. Thus, acting according to such aprescribed protocol, an effective defense can be built against the network attacks. Themain condition for the effectiveness of this system rests on how well the game canrepresent iv the security situation. Thus the robust game model presented herefacilitats effective defense. Here, in this dissertation, we present a generic networksecurity game model. The analyses and design of the model is presented along with thevalidation through numerical simulations. We present a framework for the effectiveinteraction with a suspicious user in a Honeypot. We present the framework formodeling the co-operative actions by multiple adversaries. We present the details of thedeployment of the game model to construct a game model repository in the securitysystem. Based on these game theoretic solutions, the architecture of a comprehensivesecurity system is presented with various components. Recently, as mostoperations/processes are being configured to operate with the cloud based systems, wepresent a formal security model of such systems, so that we can in future address theirsecurity problems using the security systems with the architecture presented here.

Comments

Data is provided by the student.

Library Comment

Dissertation or thesis originally submitted to the local University of Memphis Electronic Theses & dissertation (ETD) Repository.

Share

COinS