Analysis of network attack and defense strategies based on pareto optimum

Abstract

Improving network security is a difficult problem that requires balancing several goals, such as defense cost and need for network efficiency, to achieve proper results. Modeling the network as a game and using optimization problems to select the best move in such a game can assist network administrators in determining an ideal defense strategy. However, most approaches for determining optimal game solutions tend to focus on either single objective games or merely scalarize the multiple objectives to a single of objective. In this paper, we devise a method for modeling network attacks in a zero-sum multi-objective game without scalarizing the objectives. We use Pareto Fronts to determine the most harmful attacks and Pareto Optimization to find the best defense against those attacks. By determining the optimal solutions through those means, we allow network administrators to make the final defense decision from a much smaller set of defense options. The included experiment uses minimum distance as selection method and compares the results with a minimax algorithm for the determination of the Nash Equilibrium. The proposed algorithm should help network administrators in search of a hands-on method of improving network security.