A Game-Theoretic Model for Defending Against Malicious Users in RecDroid
Bahman Rashidi
December 5th, 2014
Overview
- Introduction
- RecDroid system
- Game theoretic model
- Nash equilibrium
- Discussion
- Conclusion
RecDroid system
- What is RecDroid?
  - A framework that helps mobile (smartphone) users control their resources and privacy through crowdsourcing.
- Android OS permission granting is all-or-nothing
- Two app installation modes:
  - Probation
  - Trusted
- Real-time resource granting decisions
- Expert and peer recommendation system
RecDroid system (cont.)
- RecDroid Functionalities:
1. Collecting permission-request responses
2. Analyzing the responses
3. Recommending low-risk responses to permission requests
4. Expanding expert user base
5. Ranking the apps
RecDroid system (cont.)
- RecDroid’s components
  - Verification system
  - Environment knowledge
  - Expert users
  - Users (malicious, regular)
RecDroid system (cont.)
- Verification system
[Diagram labels: Environment knowledge; Previous responses; User behavior; App developer; Game model; Users’ type prediction; Security improvement]
Game Theoretic Model
- Normal-form representation
  - 2 players
    - Users (malicious, regular)
    - RecDroid system
  - Strategy space
    - Users
      - Malicious: (Malicious, Not malicious)
      - Regular: (Not malicious)
    - RecDroid: (Verify, Not verify)
Game Theoretic Model (cont.)
- Normal-form representation
  - Payoff
    - Common parameters
      - ω: security value
        - Equal to gain/loss (both of them)
        - Loss of reputation (RecDroid)
        - Loss of secrecy (malicious users)
    - Special parameters
      - Cost of verification (RecDroid)
      - c_m: cost of responding (maliciously)
      - α: recognition rate (true positive) of RecDroid
      - β: false alarm rate (false positive rate)
Game Theoretic Model (cont.)
- Extensive form
Node N represents a “nature” node, which determines the type of player i (attacker or regular user)
Assumption: is a common prior
Player i knows RecDroid’s belief of
Game Theoretic Model (cont.)
- Bayesian Nash equilibrium
(Malicious (malicious user), Not malicious (regular user))
→
(Malicious, Verify), Not BNE
→if (Malicious, Verify)
(Malicious, Not Verify), Pure strategy BNE →
Game Theoretic Model (cont.)
- Bayesian Nash equilibrium
(Not Malicious (malicious user), Not malicious (regular user))
Regardless of :
RecDroid’s best strategy: Not verify (dominant)
Malicious user’s best strategy: Malicious
Reduces to the previous case (Not BNE)
Game Theoretic Model (cont.)
- Bayesian Nash equilibrium
We analyzed all the existing strategy combinations
No pure-strategy when
Mixed-strategy
Game Theoretic Model (cont.)
- Bayesian Nash equilibrium
Mixed-strategy
p: user plays Malicious
q: RecDroid plays Verify
→
(( if Malicious user, Not malicious if regular), , ) is the mixed-strategy
Discussion
- Impact of parameters
- Impact of : detection rate (true positive rate)
- is high
- Depends on
- Impact of
- Impact on p is high
- Impact of : false alarm rate (false positive rate)
- When malicious user plays Not malicious and RecDroid plays Verify
p is high, RecDroid has a high outcome
p is low, User has a high outcome
→
Conclusion
- Modeling the RecDroid system as a game
- Interaction between the system and users
- Making the verification system more effective
- Environment knowledge + Game model as a tool
- Further improvement: dynamic Bayesian game
- Multi stage game
- Improving the and