Home   Research Publications Members Related Software
IndexBrowse   BibliographiesMy selection
 Search: in   (word length ≥ 3)
      Login
Publication no #639   Download bibtex file Type :   Html | Bib | Both
Add to my selection
Engineering Secure Self-adaptive Systems with Bayesian Games

Nianyu Li, Mingyue Zhang, Eunsuk Kang and David Garlan.


In Proceedings of the 24th International Conference on Fundamental Approaches to Software Engineering, 27 March - 1 April 2021.

Online links: PDF

Abstract
Security attacks present unique challenges to self-adaptive system design due to the adversarial nature of the environment. Game theory approaches have been explored in security to model malicious behaviors and design reliable defense for the system in a mathematically grounded manner. However, modeling the system as a single player, as done in prior works, is insufficient for the system under partial compromise and for the design of fine-grained defensive strategies where the rest of the system with autonomy can cooperate to mitigate the impact of attacks. To deal with such issues, we propose a new self-adaptive framework incorporating Bayesian game theory and model the defender (i.e., the system) at the granularity of components. Under security attacks, the architecture model of the system is translated into a Bayesian multi-player game, where each component is explicitly modeled as an independent player while security attacks are encoded as variant types for the components. The optimal defensive strategy for the system is dynamically computed by solving the pure equilibrium (i.e., adaptation response) to achieve the best possible system utility, improving the resiliency of the system against security attacks. We illustrate our approach using an example involving load balancing and a case study on inter-domain routing.

Keywords: Formal Methods, Science of Security, Self-adaptation.  
@InProceedings{2021:FASE:Li,
      AUTHOR = {Li, Nianyu and Zhang, Mingyue and Kang, Eunsuk and Garlan, David},
      TITLE = {Engineering Secure Self-adaptive Systems with Bayesian Games},
      YEAR = {2021},
      MONTH = {27 March - 1 April},
      BOOKTITLE = {Proceedings of the 24th International Conference on Fundamental Approaches to Software Engineering},
      PDF = {http://acme.able.cs.cmu.edu/pubs/uploads/pdf/FASE2021.pdf},
      ABSTRACT = {Security attacks present unique challenges to self-adaptive system design due to the adversarial nature of the environment. Game theory approaches have been explored in security to model malicious behaviors and design reliable defense for the system in a mathematically grounded manner. However, modeling the system as a single player, as done in prior works, is insufficient for the system under partial compromise and for the design of fine-grained defensive strategies where the rest of the system with autonomy can cooperate to mitigate the impact of attacks. To deal with such issues, we propose a new self-adaptive framework incorporating Bayesian game theory and model the defender (i.e., the system) at the granularity of components. Under security attacks, the architecture model of the system is translated into a Bayesian multi-player game, where each component is explicitly modeled as an independent player while security attacks are encoded as variant types for the components. The optimal defensive strategy for the system is dynamically computed by solving the pure equilibrium (i.e., adaptation response) to achieve the best possible system utility, improving the resiliency of the system against security attacks. We illustrate our approach using an example involving load balancing and a case study on inter-domain routing.},
      KEYWORDS = {Formal Methods, Science of Security, Self-adaptation}
}
    Created: 2021-01-27 11:35:24     Modified: 2021-04-05 12:13:46
Feedback: ABLE Webmaster
Last modified: Sat October 12 2019 16:15:32
        BibAdmin