Cloud networks are the backbone of the modern distributed internet infrastructure as they provision most of the on-demand resources organizations and individuals use daily. However, any abrupt cyber-attack could disrupt the provisioning of some of the cloud resources fulfilling the needs of customers, industries, and governments. In this work, we introduce a game-theoretic model that assesses the cyber-security risk of cloud networks and informs security experts on the optimal security strategies. Our approach combines game theory, combinatorial optimization, and cyber-security and aims at minimizing the unexpected network disruptions caused by malicious cyber-attacks under uncertainty. Methodologically, our approach consists of a simultaneous and non-cooperative attacker-defender game where each player solves a combinatorial optimization problem parametrized in the variables of the other player. Practically, our approach enables security experts to (i.) assess the security posture of the cloud network, and (ii.) dynamically adapt the level of cyber-protection deployed on the network. We provide a detailed analysis of a real-world cloud network and demonstrate the efficacy of our approach through extensive computational tests.
翻译:云端网络是现代分布式互联网基础设施的骨干,因为它们提供了大多数点燃资源组织和个人每天使用的网络基础设施。然而,任何突发的网络攻击都可能干扰提供满足客户、行业和政府需要的一些云层资源。在这项工作中,我们引入了一个游戏理论模型,评估云网络的网络安全风险,并向安全专家通报最佳安全战略。我们的方法是把游戏理论、组合优化和网络安全结合起来,目的是尽量减少在不确定情况下恶意网络攻击造成的意外网络中断。从方法上讲,我们的方法包括一个同时和不合作的攻击者-破坏者游戏,每个玩家在游戏中解决一个组合式优化问题,将其与其他玩家的变量相匹配。实际上,我们的方法使安全专家能够(一) 评估云端网络的安全态势,(二) 动态地调整网络上部署的网络保护水平。我们详细分析了一个真实世界云层网络,并通过广泛的计算测试来展示我们方法的功效。</s>