# Individual Security and Network Design with Malicious Nodes

^{1}

^{2}

^{*}

## Abstract

**:**

## 1. Introduction

#### 1.1. The Motivation

#### 1.2. Contribution

#### 1.3. Related Work

## 2. The Model

- The types of the nodes are realized.
- D chooses a network $G\in \mathcal{G}(V)$, where $\mathcal{G}(V)$ is the set of all undirected networks over V.
- Nodes from V observe G and choose, simultaneously and independently, whether to protect (what we denote by 1) or not (denoted by 0). This determines the set of protected nodes $\mathsf{\Delta}$. The protection of the byzantine nodes is fake and, when attacked, such a node gets infected and transmits the infection to all her neighbors.
- $\mathrm{A}$ observes the protected network $(G,\mathsf{\Delta})$ and chooses a subset $I\subseteq V$ consisting of $\left|I\right|={n}_{A}\ge 1$ nodes to infect. The infection spreads and eliminates all unprotected or byzantine nodes reachable from I in G via a path that does not contain a genuine protected node from $\mathsf{\Delta}$. This leads to the residual network obtained from G by removing all the infected nodes.

**Remark**

**1.**

#### 2.1. Remarks on the Model

## 3. The Analysis

#### 3.1. Centralized Defense

**Definition**

**1**

**Proposition**

**1.**

- (i)
- G has at most three connected components.
- (ii)
- If $k\ge 3$ and $n\phantom{\rule{0.277778em}{0ex}}mod\phantom{\rule{0.277778em}{0ex}}k\ne 1$, then G is a generalized k-star with protected core and unprotected periphery.
- (iii)
- If $k\ge 3$ and $n\phantom{\rule{0.277778em}{0ex}}mod\phantom{\rule{0.277778em}{0ex}}k=1$, then G is composed of a generalized k-star of size $(n-1)$ with protected core and unprotected periphery and a single unprotected node.
- (iv)
- If $k=0$ and $n\phantom{\rule{0.277778em}{0ex}}mod\phantom{\rule{0.277778em}{0ex}}6\ne 3$, then G has two connected components of size $\lfloor n/2\rfloor $ and, if $n\phantom{\rule{0.277778em}{0ex}}mod\phantom{\rule{0.277778em}{0ex}}2=1$, a single unprotected node.
- (v)
- If $k=0$ and $n\phantom{\rule{0.277778em}{0ex}}mod\phantom{\rule{0.277778em}{0ex}}6=3$, then G either has the structure described in Proposition 1 or G is composed of three components of size $n/3$, depending on the term achieving the maximum in Equation (4).
- (vi)
- If $k=2$, then G is composed of a generalized 2-star with protected core and unprotected periphery, an unprotected component of size $q\in \{0,\dots ,n-2\}$ and, possibly, a single unprotected node. The size q is the number achieving maximum in Equation (6). The existence of a single unprotected node depends on the term achieving maximum in Equation (5).

**Example**

**1.**

**Remark**

**2.**

#### 3.2. Decentralized Defense

**Proposition**

**2.**

**Proof.**

**Proposition**

**3.**

- all genuine nodes use pure strategies,
- if $c<f(1)$, then all genuine nodes are protected,
- if $f(1)<c<\frac{f(x)}{x}$, then all genuine core nodes are protected and all genuine periphery nodes are not protected,
- if $\frac{f(y)}{y}<c$, then all genuine nodes are not protected.

**Theorem**

**1.**

**Proof.**

**Remark**

**3.**

## 4. Extensions of the Model

## 5. Conclusions

## Author Contributions

## Funding

## Acknowledgments

## Conflicts of Interest

## Appendix A. Characterization of Equilibria in the Centralized Defense Model

**Lemma**

**A1.**

**Proof.**

**Lemma**

**A2.**

**Proof.**

**Corollary**

**A1.**

**Proof.**

**Lemma**

**A3.**

**Proof.**

**Figure A1.**Transforming a network into a generalized star. Protected nodes are depicted in bold. In the left picture, we have ${V}_{1}=\{1,7,8,9,10,11,12\}$, ${V}_{3}=\{3,5,6,7,8,9,10,11,12\}$, and ${V}_{5}=\left\{5\right\}$. The node 7 is reachable from 4 in $G-{V}_{5}$. In the right picture, the nodes $\{7,8,9,10,11,12\}$ have degree 1 and are connected to node 1. The node 7 is still reachable from 4 in $\tilde{G}-{\tilde{V}}_{5}$.

**Proof**

**of**

**Proposition**

**1.**

- Case I:
- Suppose that ${s}_{2}\ge 2\left(\right)open="\lceil "\; close="\rceil ">\frac{{s}_{1}}{k}$. We then have ${T}_{2}\ge {P}_{1}$ by the inequality$$\begin{array}{cc}\hfill f({s}_{1}+{s}_{2}& -\left(\right)open="\lceil "\; close="\rceil ">\frac{{s}_{1}+{s}_{2}}{k})\ge f\left(\right)open="("\; close=")">{s}_{1}+{s}_{2}-\left(\right)open="\lceil "\; close="\rceil ">\frac{{s}_{1}}{k}\hfill & -\left(\right)open="\lceil "\; close="\rceil ">\frac{{s}_{2}}{k}\end{array}+\frac{{s}_{2}}{2}$$
- Case II:
- Suppose that $2\le {s}_{2}\le {s}_{1}-\left(\right)open="\lceil "\; close="\rceil ">\frac{{s}_{1}}{k}$. In this case, by Corollary A1,$$f\left(\right)open="("\; close=")">{s}_{1}-\left(\right)open="\lceil "\; close="\rceil ">\frac{{s}_{1}}{k}\ge f\left(\right)open="("\; close=")">{s}_{1}-\left(\right)open="\lceil "\; close="\rceil ">\frac{{s}_{1}}{k}$$
- Case III:
- Suppose that ${s}_{1}-\left(\right)open="\lceil "\; close="\rceil ">\frac{{s}_{1}}{k}$ and ${s}_{2}\ge 2$. Let ${s}_{1}=kl+r$, where $0\le r<k$ and $l\ge 1$. If $r=0$, then we have $kl-l<2l$, which is impossible for $k\ge 3$. Hence, $r\ge 1$ and we have $kl+r-l-1<{s}_{2}<2l+2$. Note that the open interval $(kl+r-l-1,2l+2)$ contains an integer number if and only if $(2l+2)-(kl+r-l-1)\ge 2\iff 3l+1\ge kl+r$. This condition is satisfied only for $k=3$ and $r=1$. Hence, we have ${s}_{1}=3l+1$ and ${s}_{2}=2l+1$ for some $l\ge 1$. We want to prove that ${T}_{2}\ge {P}_{1}$ or, equivalently,$$f\left(\right)open="("\; close=")">5l+2-\left(\right)open="\lceil "\; close="\rceil ">\frac{5l+2}{3}\ge f(3l+1)\phantom{\rule{0.166667em}{0ex}}.$$

## Appendix B. Characterization of Equilibria in the Centralized Defense Model

**Lemma**

**A4.**

**Proof.**

**Proof**

**of**

**Proposition**

**3.**

**Lemma**

**A5.**

**Proof.**

## References

- Laszka, A.; Felegyhazi, M.; Buttyán, L. A survey of interdependent information security games. ACM Comput. Surv.
**2015**, 47, 23. [Google Scholar] [CrossRef] [Green Version] - Böhme, R.; Schwartz, G. Modeling cyber-insurance: Towards a unifying framework. In Proceedings of the 9th Workshop on the Economics of Information Security (WEIS 2010), Cambridge, MA, USA, 7–8 June 2010. [Google Scholar]
- Cerdeiro, D.; Dziubiński, M.; Goyal, S. Individual security and network design. In Proceedings of the 15th ACM Conference on Economics and Computation (EC’14), Stanford, CA, USA, 9–12 June 2014; pp. 205–206. [Google Scholar] [CrossRef]
- Cerdeiro, D.; Dziubiński, M.; Goyal, S. Individual security, contagion, and network design. J. Econom. Theory
**2017**, 170, 182–226. [Google Scholar] [CrossRef] - Weaver, N.; Paxson, V.; Staniford, S.; Cunningham, R. A taxonomy of computer worms. Proceedings of Tenth ACM Conference on Computer and Communications Security 2003, Washington, DC, USA, 27–30 October 2003; pp. 11–18. [Google Scholar]
- Zou, C.; Gong, W.; Towsley, D. Code red worm propagation modeling and analysis. In Proceedings of the 9th ACM Conference on Computer and Communications Security, Washington, DC, USA, 18–22 November 2002; pp. 138–147. [Google Scholar]
- Chen, Z.; Gao, L.; Kwiat, K. Modeling the spread of active worms. In Proceedings of the Twenty-second Annual Joint Conference of the IEEE Computer and Communications Societies (IEEE INFOCOM’03), San Francisco, CA, USA, 30 March–3 April 2003; pp. 1890–1900. [Google Scholar]
- Dainotti, A.; Pescape, A.; Ventre, G. Worm Traffic Analysis and Characterization. In Proceedings of the 2007 IEEE International Conference on Communications, Glasgow, Scotland, 24–28 June 2007; pp. 1435–1442. [Google Scholar]
- Shapiro, C.; Varian, H. Information Rules: A Strategic Guide to the Network Economy; Harvard Business School Press: Boston, MA, USA, 2000. [Google Scholar]
- Moscibroda, T.; Schmid, S.; Wattenhofer, R. When selfish meets evil: Byzantine players in a virus inoculation game. In Proceedings of the 25th ACM Symposium on Principles of Distributed Computing (PODC 2006), Denver, CO, USA, 23–26 July 2006; pp. 35–44. [Google Scholar]
- Moscibroda, T.; Schmid, S.; Wattenhofer, R. The price of malice: A game-theoretic framework for malicious behavior. Int. Math.
**2009**, 6, 125–156. [Google Scholar] [CrossRef] - Baccarelli, E.; Naranjo, P.; Shojafar, M.; Scarpiniti, M. Q*: Energy and delay-efficient dynamic queue management in TCP/IP virtualized data centers. Comput. Commun.
**2017**, 102, 89–106. [Google Scholar] [CrossRef] - Pooranian, Z.; Chen, K.; Yu, C.; Conti, M. RARE: Defeating side channels based on data-deduplication in cloud storage. In Proceedings of the IEEE INFOCOM 2018—IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS), Honolulu, HI, USA, 15–19 April 2018; pp. 444–449. [Google Scholar]
- Isaac, J.; Zeadally, S.; Cámara, J. Security attacks and solutions for vehicular ad hoc networks. IET Commun.
**2010**, 4, 894–903. [Google Scholar] [CrossRef] - Petrillo, A.; Pescapé, A.; Santini, S. A collaborative approach for improving the security of vehicular scenarios: The case of platooning. Comput. Commun.
**2018**, 122, 59–75. [Google Scholar] [CrossRef] - Dainotti, A.; Pescapé, A.; Ventre, G. A cascade architecture for DoS attacks detection based on the wavelet transform. J. Comput. Security
**2009**, 17, 945–968. [Google Scholar] [CrossRef] - Chen, X.; Makki, K.; Yen, K.; Pissinou, N. Sensor network security: A survey. IEEE Commun. Sur. Tutor.
**2009**, 11, 52–73. [Google Scholar] [CrossRef] - Padmavathi, G.; Shanmugapriya, D. A survey of attacks, security mechanisms and challenges in wireless sensor networks. arXiv, 2009; arXiv:0909.0576. [Google Scholar]
- Castiglione, A.; D’Arco, P.; De Santis, A.; Russo, R. Secure group communication schemes for dynamic heterogeneous distributed computing. Future Gener. Compute. Syst.
**2017**, 74, 313–324. [Google Scholar] [CrossRef] - Kiskani, M.; Sadjadpour, H. A secure approach for caching contents in wireless ad hoc networks. IEEE Trans. Veh. Tech.
**2017**, 66, 10249–10258. [Google Scholar] [CrossRef] - Marti, S.; Giuli, T.; Lai, K.; Baker, M. Mitigating routing misbehavior in mobile ad hoc networks. In Proceedings of the 6th Annual International Conference on Mobile Computing and Networking, Boston, MA, USA, 6–11 August 2000; pp. 255–265. [Google Scholar]
- Michiardi, P.; Molva, R. Core: A Collaborative reputation mechanism to enforce node cooperation in mobile ad hoc networks. In Advanced Communications and Multimedia Security: IFIP TC6/TC11 Sixth Joint Working Conference on Communications and Multimedia Security; Jerman-Blažič, B., Klobučar, T., Eds.; Springer: Boston, MA, USA, 2002; pp. 107–121. [Google Scholar]
- Zhang, Y.; Lee, W.; Huang, Y.A. Intrusion detection techniques for mobile wireless networks. Wirel. Netw.
**2003**, 9, 545–556. [Google Scholar] [CrossRef] - Kargl, F.; Klenk, A.; Schlott, S.; Weber, M. Advanced detection of selfish or malicious nodes in ad hoc networks. In Security in Ad-hoc and Sensor Networks; Castelluccia, C., Hartenstein, H., Paar, C., Westhoff, D., Eds.; Springer: Berlin/Heidelberg, Germany, 2005; pp. 152–165. [Google Scholar]
- Nasser, N.; Chen, Y. Enhanced intrusion detection system for discovering malicious nodes in mobile ad hoc networks. In Proceedings of the 2007 IEEE International Conference on Communications, Glasgow, Scotland, 24–28 June 2007; pp. 1154–1159. [Google Scholar]
- Buttyán, L.; Hubaux, J.P. Stimulating cooperation in self-organizing mobile ad hoc networks. Mob. Netw. Appl.
**2003**, 8, 579–592. [Google Scholar] [CrossRef] - Zhong, S.; Chen, J.; Yang, Y. Sprite: A simple, cheat-proof, credit-based system for mobile ad-hoc networks. In Proceedings of the 22nd Annual Joint Conference of the IEEE Computer and Communications Societies, San Francisco, CA, USA, 30 March–3 April 2003; pp. 1987–1997. [Google Scholar]
- Smith, A.; Vorobeychik, Y.; Letchford, J. Multidefender security games on networks. ACM SIGMETRICS Perform. Eval. Rev.
**2014**, 41, 4–7. [Google Scholar] [CrossRef] - Lou, J.; Vorobeychik, Y. Equilibrium analysis of multidefender security games. In Proceedings of the 24th International Conference on Artificial Intelligence (IJCAI’15), Buenos Aires, Argentina, 25–31 July 2015; pp. 596–602. [Google Scholar]
- Lou, J.; Smith, A.; Vorobeychik, Y. Multidefender security games. IEEE Intell. Syst.
**2017**, 32, 50–60. [Google Scholar] [CrossRef] - Kunreuther, H.; Heal, G. Interdependent security. J. Risk Uncertain.
**2003**, 26, 231–249. [Google Scholar] [CrossRef] - Varian, H. System reliability and free riding. In Economics of Information Security; Camp, L.J., Lewis, S., Eds.; Springer: Boston, MA, USA, 2004; pp. 1–15. [Google Scholar] [CrossRef]
- Aspnes, J.; Chang, K.; Yampolskiy, A. Inoculation strategies for victims of viruses and the sum-of-squares partition problem. J. Comput. Syst. Sci.
**2006**, 72, 1077–1093. [Google Scholar] [CrossRef] - Lelarge, M.; Bolot, J. Network externalities and the deployment of security features and protocols in the Internet. ACM SIGMETRICS Perform. Eval. Rev.
**2008**, 36, 37–48. [Google Scholar] [CrossRef] - Lelarge, M.; Bolot, J. A local mean field analysis of security investments in networks. In Proceedings of the 3rd International Workshop on Economics of Networked Systems (NetEcon’08), Seattle, WA, USA, 17–22 August 2008; pp. 25–30. [Google Scholar] [CrossRef]
- Chan, H.; Ceyko, M.; Ortiz, L. Interdependent defense games: modeling interdependent security under deliberate attacks. arXiv, 2012; arXiv:1210.4838. [Google Scholar]
- Acemoglu, D.; Malekian, A.; Ozdaglar, A. Network security and contagion. J. Econom. Theory
**2016**, 166, 536–585. [Google Scholar] [CrossRef] [Green Version] - Gueye, A.; Walrand, J.; Anantharam, V. Design of network topology in an adversarial environment. In Proceedings of the 2010 Conference on Decision and Game Theory for Security (GameSec 2010), Berlin, Germany, 22–23 November 2010; pp. 1–20. [Google Scholar] [CrossRef]
- Gueye, A.; Walrand, J.C.; Anantharam, V. How to choose communication links in an adversarial environment? In Proceedings of the 2nd International Conference on Game Theory for Networks (GameNets 2011), College Park, MD, USA, 14–15 November 2011; pp. 233–248. [Google Scholar]
- Gueye, A.; Marbukh, V.; Walrand, J. Towards a metric for communication network vulnerability to attacks: A game theoretic approach. In Proceedings of the 3rd International Conference on Game Theory for Networks (GameNets 2012), Budapest, Hungary, 5–6 November 2012; pp. 259–274. [Google Scholar] [CrossRef]
- Laszka, A.; Szeszlér, D.; Buttyán, L. Game-theoretic robustness of many-to-one networks. In Proceedings of the 3rd International Conference on Game Theory for Networks (GameNets 2012), Budapest, Hungary, 5–6 November 2012; pp. 88–98. [Google Scholar] [CrossRef] [Green Version]
- Laszka, A.; Szeszlér, D.; Buttyán, L. Linear loss function for the network blocking game: An efficient model for measuring network robustness and link criticality. In Proceedings of the 3rd International Conference on Game Theory for Networks (GameNets 2012), Budapest, Hungary, 5–6 November 2012; pp. 152–170. [Google Scholar] [CrossRef]
- Goyal, S.; Jabbari, S.; Kearns, M.; Khanna, S.; Morgenstern, J. Strategic network formation with attack and immunization. In Proceedings of the 12th Conference on Web and Internet Economics (WINE 2016), Montreal, QC, Canada, 11–14 December 2016; pp. 429–443. [Google Scholar] [CrossRef]
- Aghassi, M.; Bertsimas, D. Robust game theory. Math. Program.
**2006**, 107, 231–273. [Google Scholar] [CrossRef] - Hiriart-Urruty, J.B.; Lemaréchal, C. Convex Analysis and Minimization Algorithms I: Fundamentals; Springer: Berlin/Heidelberg, Germany, 1993. [Google Scholar]

Notation | Definition |
---|---|

n | number of nodes |

${n}_{B}$ | number of byzantine nodes |

${n}_{A}$ | number of nodes infected by the adversary |

f | component value function |

G | network |

$\mathsf{\Delta}$ | set of protected nodes |

${u}^{\mathrm{D}},{u}^{\mathrm{A}},{u}^{j}$ | payoff to the designer, the adversary, and a node |

${\widehat{U}}^{\mathrm{D}},{\widehat{U}}^{j}$ | pessimistic payoff to the designer and a node |

$n=50$ | |||||

$n=30$ | $c<3.88$ | 50-star | |||

$c<3.80$ | 30-star | $c\in (3.88,11.875)$ | 25-star | ||

$n=12$ | $c\in (3.80,11)$ | 15-star | $c\in (11.875,23.25)$ | 17-star | |

$c<3.50$ | 12-star | $c\in (11,26)$ | 10-star | $c\in (23.25,30.(3))$ | 13-star |

$c\in (3.50,9.50)$ | 6-star | $c\in (26,49)$ | 6-star | $c\in (30.(3),85)$ | 10-star |

$c\in (9.50,11.25)$ | 4-star | $c\in (49,70.20)$ | 5-star | $c\in (85,195)$ | 5-star |

$c>11.25$ | two disconnected components of equal size | $c>70.20$ | two disconnected components of equal size | $c>195$ | two disconnected components of equal size |

© 2018 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (http://creativecommons.org/licenses/by/4.0/).

## Share and Cite

**MDPI and ACS Style**

Janus, T.; Skomra, M.; Dziubiński, M.
Individual Security and Network Design with Malicious Nodes. *Information* **2018**, *9*, 214.
https://doi.org/10.3390/info9090214

**AMA Style**

Janus T, Skomra M, Dziubiński M.
Individual Security and Network Design with Malicious Nodes. *Information*. 2018; 9(9):214.
https://doi.org/10.3390/info9090214

**Chicago/Turabian Style**

Janus, Tomasz, Mateusz Skomra, and Marcin Dziubiński.
2018. "Individual Security and Network Design with Malicious Nodes" *Information* 9, no. 9: 214.
https://doi.org/10.3390/info9090214