Automated Game-Theoretic Verification of Security Systems

Chunyan Mu

Automated Game-Theoretic Verification of Security Systems

Research output: Contribution to conference › Paper

124 Downloads (Pure)

Abstract

Security-sensitive computerised communication systems are of increasing importance, however checking that they function correctly can be non-trivial. We propose automated verification techniques for the formal analysis of quantitative properties of such systems. Since communication networks typically require the collaboration of their participants to work effectively, we adopt a game-theoretic approach. Utility functions for each player, such as the degree of security offered
and the communication costs incurred, are formally specified using quantitative temporal logics. Then, building upon probabilistic verification techniques for parametric Markov chains, we develop methods to identify Nash equilibria representing stable strategies for the participants. We implement our methods as an extension of the PRISM model checker, and illustrate their applicability by studying anonymity-cost trade-offs in the Crowds anonymity protocol.

Original language	English
Publication status	Published - 10 Sep 2019
Event	16th International Conference on Quantitative Evaluation of SysTems - Glasgow, United Kingdom Duration: 10 Sep 2019 → 12 Sep 2019

Conference

Conference	16th International Conference on Quantitative Evaluation of SysTems
Abbreviated title	QEST 2019
Country	United Kingdom
City	Glasgow
Period	10/09/19 → 12/09/19

Fingerprint

Cite this

Mu, C. (2019). Automated Game-Theoretic Verification of Security Systems. Paper presented at 16th International Conference on Quantitative Evaluation of SysTems , Glasgow, United Kingdom.

@conference{0c49e7ca5bcb4f09ab7048e6c71f5422,

title = "Automated Game-Theoretic Verification of Security Systems",

abstract = "Security-sensitive computerised communication systems are of increasing importance, however checking that they function correctly can be non-trivial. We propose automated verification techniques for the formal analysis of quantitative properties of such systems. Since communication networks typically require the collaboration of their participants to work effectively, we adopt a game-theoretic approach. Utility functions for each player, such as the degree of security offeredand the communication costs incurred, are formally specified using quantitative temporal logics. Then, building upon probabilistic verification techniques for parametric Markov chains, we develop methods to identify Nash equilibria representing stable strategies for the participants. We implement our methods as an extension of the PRISM model checker, and illustrate their applicability by studying anonymity-cost trade-offs in the Crowds anonymity protocol.",

author = "Chunyan Mu",

year = "2019",

month = sep,

day = "10",

language = "English",

note = "16th International Conference on Quantitative Evaluation of SysTems , QEST 2019 ; Conference date: 10-09-2019 Through 12-09-2019",

}

TY - CONF

T1 - Automated Game-Theoretic Verification of Security Systems

AU - Mu, Chunyan

PY - 2019/9/10

Y1 - 2019/9/10

N2 - Security-sensitive computerised communication systems are of increasing importance, however checking that they function correctly can be non-trivial. We propose automated verification techniques for the formal analysis of quantitative properties of such systems. Since communication networks typically require the collaboration of their participants to work effectively, we adopt a game-theoretic approach. Utility functions for each player, such as the degree of security offeredand the communication costs incurred, are formally specified using quantitative temporal logics. Then, building upon probabilistic verification techniques for parametric Markov chains, we develop methods to identify Nash equilibria representing stable strategies for the participants. We implement our methods as an extension of the PRISM model checker, and illustrate their applicability by studying anonymity-cost trade-offs in the Crowds anonymity protocol.

AB - Security-sensitive computerised communication systems are of increasing importance, however checking that they function correctly can be non-trivial. We propose automated verification techniques for the formal analysis of quantitative properties of such systems. Since communication networks typically require the collaboration of their participants to work effectively, we adopt a game-theoretic approach. Utility functions for each player, such as the degree of security offeredand the communication costs incurred, are formally specified using quantitative temporal logics. Then, building upon probabilistic verification techniques for parametric Markov chains, we develop methods to identify Nash equilibria representing stable strategies for the participants. We implement our methods as an extension of the PRISM model checker, and illustrate their applicability by studying anonymity-cost trade-offs in the Crowds anonymity protocol.

M3 - Paper

T2 - 16th International Conference on Quantitative Evaluation of SysTems

Y2 - 10 September 2019 through 12 September 2019

ER -

Access to Document

Full textAccepted author manuscript, 274 KBLicence: CC BY-NC-ND