Combating adversaries in network-structured security domains
Game theoretic models of security, and associated computational methods, have emerged as critical components of security posture across a broad array of domains, including airport security and coast guard. However, the network-structured security domains capturing a variety of realistic problems suc...
Saved in:
| Main Author: | |
|---|---|
| Other Authors: | |
| Format: | Theses and Dissertations |
| Language: | English |
| Published: |
2018
|
| Subjects: | |
| Online Access: | http://hdl.handle.net/10356/75075 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Institution: | Nanyang Technological University |
| Language: | English |
| id |
sg-ntu-dr.10356-75075 |
|---|---|
| record_format |
dspace |
| institution |
Nanyang Technological University |
| building |
NTU Library |
| continent |
Asia |
| country |
Singapore Singapore |
| content_provider |
NTU Library |
| collection |
DR-NTU |
| language |
English |
| topic |
DRNTU::Engineering::Computer science and engineering |
| spellingShingle |
DRNTU::Engineering::Computer science and engineering Guo, Qingyu Combating adversaries in network-structured security domains |
| description |
Game theoretic models of security, and associated computational methods, have emerged as critical components of security posture across a broad array of domains, including airport security and coast guard. However, the network-structured security domains capturing a variety of realistic problems such as preventing the illegal good smuggling, are not paid enough attentions. Many critical challenges and issues exist in those scenarios which, however, remain to be solved, including the cooperation among multiple adversaries, preventing adversarial flows on the network, and the planning and learning in repeated games. Although existing work on target-structured security domains has considered part of those issues, their methodologies fail to deal with the network structure, as the adversarial activity on the network is much more complex. This thesis provides the first models and approaches for several important network-structured security domains: 1) the interdiction of multiple cooperative adversaries connecting on the network from forming powerful coalitions, 2) the interdiction of an adversarial network flow, and 3) the online policy for combating the repeated attacks on the network. First, to address the issue of cooperation among attackers, we introduce a novel coalitional security game (CSG) model. A CSG consists of a set of attackers connected by a (communication or trust) network who can form coalitions as connected subgraphs of this network so as to attack a collection of targets. A defender in a CSG can delete a set of edges, incurring a cost for deleting each edge, with the goal of optimally limiting the attackers' ability to form effective coalitions (in terms of successfully attacking high value targets). We first show that a CSG is, in general, hard to approximate. Nevertheless, we develop a novel branch and price algorithm, leveraging a combination of column generation, relaxation, greedy approximation, and stabilization methods to enable scalable high-quality approximations of CSG solutions on realistic problem instances. Second, focusing on the challenging task of optimally interdicting an illegal network flow, we make several contributions. We propose a new Stackelberg game model for network flow interdiction. To solve this game, we provide a novel Column and Constraint Generation approach for computing the optimal defender strategy. We conduct extensive complexity analysis of the column generation subproblem. We propose compact convex nonlinear programs for solving the subproblems. Novel greedy and heuristic approaches for subproblems with good approximation guarantee are also incorporated. With these novel approaches, our approach can obtain a robust enough solution outperforming the existing methods and heuristic baselines significantly and scale up to realistic-sized problems according to extensive experimental evaluation. Finally, we study repeated network interdiction games with no prior knowledge of the adversary and the environment. We provide the first defender strategy, that enjoys nice theoretical and practical performance guarantees, by applying the adversarial online learning approach. In particular, we model the repeated network interdiction game with no prior knowledge as an online linear optimization problem, for which a novel and efficient online learning algorithm, SBGA, is proposed, which exploits the unique semi-bandit feedback in network security domains. We prove that SBGA achieves sublinear regret against adaptive adversary, compared with both the best fixed strategy on hindsight and a near optimal adaptive strategy. Extensive experiments also show that SBGA significantly outperforms existing approaches with fast convergence rate. |
| author2 |
Bo An |
| author_facet |
Bo An Guo, Qingyu |
| format |
Theses and Dissertations |
| author |
Guo, Qingyu |
| author_sort |
Guo, Qingyu |
| title |
Combating adversaries in network-structured security domains |
| title_short |
Combating adversaries in network-structured security domains |
| title_full |
Combating adversaries in network-structured security domains |
| title_fullStr |
Combating adversaries in network-structured security domains |
| title_full_unstemmed |
Combating adversaries in network-structured security domains |
| title_sort |
combating adversaries in network-structured security domains |
| publishDate |
2018 |
| url |
http://hdl.handle.net/10356/75075 |
| _version_ |
1695636087350755328 |
| spelling |
sg-ntu-dr.10356-750752021-03-20T13:06:32Z Combating adversaries in network-structured security domains Guo, Qingyu Bo An Interdisciplinary Graduate School (IGS) Joint NTU-UBC Research Centre of Excellence in Active Living for the Elderly (LILY) DRNTU::Engineering::Computer science and engineering Game theoretic models of security, and associated computational methods, have emerged as critical components of security posture across a broad array of domains, including airport security and coast guard. However, the network-structured security domains capturing a variety of realistic problems such as preventing the illegal good smuggling, are not paid enough attentions. Many critical challenges and issues exist in those scenarios which, however, remain to be solved, including the cooperation among multiple adversaries, preventing adversarial flows on the network, and the planning and learning in repeated games. Although existing work on target-structured security domains has considered part of those issues, their methodologies fail to deal with the network structure, as the adversarial activity on the network is much more complex. This thesis provides the first models and approaches for several important network-structured security domains: 1) the interdiction of multiple cooperative adversaries connecting on the network from forming powerful coalitions, 2) the interdiction of an adversarial network flow, and 3) the online policy for combating the repeated attacks on the network. First, to address the issue of cooperation among attackers, we introduce a novel coalitional security game (CSG) model. A CSG consists of a set of attackers connected by a (communication or trust) network who can form coalitions as connected subgraphs of this network so as to attack a collection of targets. A defender in a CSG can delete a set of edges, incurring a cost for deleting each edge, with the goal of optimally limiting the attackers' ability to form effective coalitions (in terms of successfully attacking high value targets). We first show that a CSG is, in general, hard to approximate. Nevertheless, we develop a novel branch and price algorithm, leveraging a combination of column generation, relaxation, greedy approximation, and stabilization methods to enable scalable high-quality approximations of CSG solutions on realistic problem instances. Second, focusing on the challenging task of optimally interdicting an illegal network flow, we make several contributions. We propose a new Stackelberg game model for network flow interdiction. To solve this game, we provide a novel Column and Constraint Generation approach for computing the optimal defender strategy. We conduct extensive complexity analysis of the column generation subproblem. We propose compact convex nonlinear programs for solving the subproblems. Novel greedy and heuristic approaches for subproblems with good approximation guarantee are also incorporated. With these novel approaches, our approach can obtain a robust enough solution outperforming the existing methods and heuristic baselines significantly and scale up to realistic-sized problems according to extensive experimental evaluation. Finally, we study repeated network interdiction games with no prior knowledge of the adversary and the environment. We provide the first defender strategy, that enjoys nice theoretical and practical performance guarantees, by applying the adversarial online learning approach. In particular, we model the repeated network interdiction game with no prior knowledge as an online linear optimization problem, for which a novel and efficient online learning algorithm, SBGA, is proposed, which exploits the unique semi-bandit feedback in network security domains. We prove that SBGA achieves sublinear regret against adaptive adversary, compared with both the best fixed strategy on hindsight and a near optimal adaptive strategy. Extensive experiments also show that SBGA significantly outperforms existing approaches with fast convergence rate. Doctor of Philosophy (IGS) 2018-05-28T04:20:48Z 2018-05-28T04:20:48Z 2018 Thesis Guo, Q. (2018). Combating adversaries in network-structured security domains. Doctoral thesis, Nanyang Technological University, Singapore. http://hdl.handle.net/10356/75075 10.32657/10356/75075 en 175 p. application/pdf |