GameSec: A Game Theoretic Approach to Attack Prediction
2002-2005: DOE Early Career Principal Investigator Award
Cyber security is not only an important science and technology issue, but also a critical national security issue. The ability to predict attacks can dramatically enhance people's capacity to defend against cyber attacks, since attack prediction has the potential to evolve existing passive (or reactive) secure systems into (pro)active secure systems. This research suggests a game theoretic approach to predicting cyber attacks. Our approach models a cyber system and an attacker as two players playing a game, and the Nash equilibrium strategies of the game can produce valuable predictions about cyber attacks. These predictions can tell which actions the attacker will probably take when an attack happens, although they cannot tell when the attack will probably happen. Our approach can predict not only (the actions of) known types of attacks, but also (the actions of) some unknown (or new) types of attacks.
Publications:
- P. Liu, W. Zang, M. Yu, “Incentive-Based Modeling and Inference of Attacker Intent, Objectives and Strategies”, ACM Transactions on Information and Systems Security, 56(3): 283-298.
- Peng Liu, “Financial Cyber Crime Detection and Analysis: A Game Theoretic Approach”, International Journal of Information Policy, Law, and Security, under review.
- P. Liu, W. Zang, “Incentive-Based Modeling and Inference of Attacker Intent, Objectives and Strategies,” Proc. 10th ACM Conference on Computer and Communications Security (CCS ’03), October 28-31, Washington DC, 2003, pages 179-189.
- W. Zang, P. Liu, M. Yu, “A Game Theoretic Analysis of Resilience of Internet against DDoS Attacks”, to be submitted for journal publication.
- Peng Liu, Meng Yu, Jiwu Jing, “Information Assurance”, In Handbook of Information Security, Hossein Bidgoli et al. (eds.), John Wiley & Sons, 2005.
- M. Yu, P. Liu, W. Zang, “Self Healing Workflow Systems under Attacks”, in Proc. 24th IEEE International Conference on Distributed Computing Systems (ICDCS 04), Tokyo, Japan, March 2004, pages 418-425. Acceptance rate = 17.68%
- M. Yu, W. Zang, P. Liu, “Defensive Execution of Transactional Processes against Attacks”, In Proc. ACSAC ’05, 2005, to appear, Acceptance rate = 19.6%
- M. Yu, P. Liu, W. Zang, “Dependency Relation based Attack Recovery of Workflow Systems”, ACM Transactions on Information and Systems Security, in review.
- M. Yu, P. Liu, W. Zang, “The Implementation and Evaluation of a Self-Healing Workflow System,” IEEE Transactions on Dependable and Secure Computing, in review for journal publication.
- M. Yu, P. Liu, W. Zang, “Specifying and Using Group-to-Group Communication Services for Intrusion Masking”, Journal of Computer Security, Vol. 13, No. 4, 623-658.
- H. Wang, P. Liu, L. Li, “Evaluating the Impact of Intrusion Detection Deficiencies on the Cost-Effectiveness of Attack Recovery”, Proceedings of the 7th Information Security Conference, San Francisco, September 2004.
- R. Li, J. Li, H. Kameda, P. Liu, “Localized Public-key Management for Mobile Ad Hoc Networks”, Proc. 2004 IEEE Globecom, Nov 2004.
- Q. Gu, P. Liu, W. Lee, C. Chu, “eKTR: An Efficient Key Management Scheme in Wireless Data Broadcast Services”, Proc. 2005 IEEE Mobiquitous, short paper, 2005.
- Peng Liu, Hai Wang, Lunquan Li, “Real-Time Data Attack Isolation for Commercial Database Applications”, Elsevier Journal of Network and Computer Applications, in press.
- Q. Gu, P. Liu, S. Zhu, C. Chu, “Defending against Packet Injection Attacks in Unreliable Ad Hoc Networks”, In Proc. IEEE GLOBECOM ’05, 2005, to appear.
- Peng Liu, Amit Chetal, “Trust-Based Secure Info Sharing Between Federal Government Agencies”, Journal of the American Society for Information Science and Technology, Vol. 56, No. 3, 2005, pages 283-298.
- R. Li, J. Li, P. Liu, H. H. Chen, “On-Demand Public-Key Management for Mobile Ad Hoc Networks”, Journal of Wireless Communications and Mobile Computing, accepted, to appear.
- Q. Gu, P. Liu, C. Chu, “Analysis of Area-congestion-based DDoS Attacks in Ad Hoc Networks”, International Journal of Ad Hoc Networks, in review.