Modelling and Analysis of Network Security - an Algebraic Approach

Game theory has been applied to investigate network security. But different security scenarios were often modeled via different types of games and analyzed in an ad-hoc manner. In this paper, we propose an algebraic approach for modeling and analyzing uniformly several types of network security games. This approach is based on a probabilistic extension of the value-passing Calculus of Communicating Systems (CCS), which is a common formal language for modeling concurrent systems. Our approach gives a uniform security model for different security scenarios. We present then a uniform algorithm for computing the Nash equilibria strategies on this security model. In a nutshell, the algorithm first generates a network state transition graph for our security model, then simplifies this transition graph through graph-theoretic abstraction and bisimulation minimization. Then, a backward induction method, which is only applicable to finite tree models, can be used to compute all the Nash equilibria strategies of the (possibly infinite) security models. This algorithm is implemented and can be tuned smoothly for computing its social optimal strategies, and its termination and correctness are proved. The effectiveness and efficiency of this approach are demonstrated with two detailed examples from the field of network security.