Candidate: Mahsa Sadat Emami Taba
Title: A Game-Theoretic Decision-Making Framework for Engineering Self-Protecting Software Systems
Date: June 26, 2018
Time: 1:00 PM
Place: MC 2009
Supervisor(s): Tahvildari, Ladan
Targeted and destructive nature of strategies used by attackers to break down a software system require mitigation approaches with dynamic awareness. Making a right decision, when facing today's sophisticated and dynamic attacks, is one of the most challenging aspects of engineering self-protecting software systems. The challenge is due to: (i) the consideration of the satisfaction of various security and non-security quality goals and their inherit conflicts with each other when selecting a countermeasure, (ii) the proactive and dynamic nature of these security attacks which make their detection and consequently their mitigation challenging, and (iii) the incorporation of uncertainties such as the intention and strategy of the adversary to attack the software system.
These factors motivated the need for a decision-making engine that facilitates adaptive security from a holistic view of the software system and the attacker. Inspired by game theory, in this research work, we model the interactions between the attacker and the software system as a two-player game. Using game-theoretic techniques, the self-protecting software systems is able to: (i) fuse the strategies of attackers into the decision-making model, and (ii) refine the strategies in dynamic attack scenarios by utilizing what has learned from the system's and adversary's interactions.
This PhD research devises a novel framework with three phases: (i) modeling quality (security and non-security) goals aiming at incorporating them into the decision-making engine, (ii) designing game-theoretic techniques in order to build the decision model in the decision-making engine, and (iii) realizing the decision-making engine in the adaptation manager. Modeling quality goals provides the adaptation manager with the knowledge-base required in making a systematic adaptation decision. The framework aims at exhibiting a plug-and-play capability to adapt a game-theoretic technique that suite security goals and requirements of the software.
In order to illustrate the plug-and-play capability of our proposed framework, we have designed and developed three decision-making engines (called ``IBSP", ``MARGIN", and ``UBSP"). Each engine aims at addressing a different challenge in adaptive security. Hence, three distinct techniques are designed: (i) incentive-based, (ii) learning-based, and (iii) uncertainty-based. For each engine, a game-theoretic approach is taken considering the information available to the self-protecting software system. The evaluation of these game-theoretic approaches show the benefits of the proposed framework in terms of satisfaction of security and non-security goals of the software system.
200 University Avenue West
Waterloo, ON N2L 3G1