Security Analysis of Enterprise Network

  • Published : March 13, 2013
This full text paper was peer reviewed at the direction of IEEE Communications Society subject matter experts for publication in the IEEE ICC 2009 proceedings

Security Analysis of Enterprise Network Based on
Stochastic Game Nets Model
Yuanzhuo Wang, Chuang Lin, Senior Member, IEEE, Yang Wang, Kun Meng
Department of Computer Science and Technology, Tsinghua University, Beijing 100084, China
Email: {yzwang, clin, ywang, mengkun08}@csnet1.cs.tsinghua.edu.cn

Abstract—In this paper, we propose a novel modeling method, Stochastic Game Nets (SGN), and use it to model and analyze the security issues in enterprise networks. First, the definition and modeling algorithm of Stochastic Game Nets are given. We then successfully apply the Stochastic Game Nets method to describe the course of attack and defense in enterprise networks, and find a Nash equilibrium. Finally, we quantitatively analyze the confidentiality and integrity of the enterprise network based on the model. The method can also be applied to other areas that involve a game.

Keywords- Stochastic Game Net, Enterprise Network, Security Analysis, Integrity, Confidentiality.

I. INTRODUCTION

Enterprise networks interconnect islands of departmental, local and remote computing and communication resources. They provide many benefits to the organizations that use them, such as improved efficiency and greater flexibility for employees in their work habits. The role of enterprise networks keeps expanding as they support both internal and external connectivity in the form of emerging internet, intranet and extranet applications. Unfortunately, for a variety of reasons, these networks are always under the threat of illegal intrusion. This has given rise to the dichotomy faced by those partaking in the information economy paradigm. Security has become an increasingly critical element of enterprise network design and implementation.
More recently, the notion of intrusion tolerance has been advocated to allow the system to continue performing its intended function despite partially successful attacks; see, e.g., Nicol, Sanders and Trivedi [1]. Wang [2] describes DoS and DDoS attacks as a queue model. Most attempts to validate security mechanisms and strategies have been qualitative analyses that show the process employed to construct a security system. In the face of various attack behaviors, security specialists are interested in knowing how an intruder enters enterprise networks and how to prevent or counteract attacks more efficiently. Quantitative security analysis of enterprise networks can make security mechanisms and strategies more effective.
Game theory has now been introduced to the fields of network security and computer security. In Lye and Wing [3], a game-theoretic method for analyzing the security of computer networks was presented. The interactions between an attacker and the administrator were modeled as a two-player stochastic game for which best-response strategies (Nash equilibrium) were computed. Mahimkar and Shmatikov [4] proposed a new protocol for preventing malicious bandwidth consumption and demonstrated how game-based formal methods could be successfully used to verify availability-related security properties of network protocols. Liu, Zang and Yu [5] presented a general incentive-based method to model attacker intent, objectives, and strategies (AIOS) and a game-theoretic approach to infer AIOS. Wang and Reiter [6] and Bencsáth, Buttyán and Vajda [6] proposed the puzzle auction mechanism to defend against DoS and DDoS attacks based on game theory. Xu and Lee [7] used a game-theoretical framework to analyze the performance of their proposed DDoS defense system and to guide its design and performance tuning accordingly. Browne [8] described how static games can be used to analyze attacks involving complicated and heterogeneous military networks.
In most...