400 likes | 577 Views
Inoculation Strategies for Victims of Viruses and the Sum-of-Squares Partition Problem. Kevin Chang Joint work with James Aspnes and Aleksandr Yampolskiy (Yale University). Motivation Our Model Nash Strategies Optimum Strategies Sum-of-Squares Partition Problem Conclusion. Outline.
E N D
Inoculation Strategies for Victims of Viruses and the Sum-of-Squares Partition Problem Kevin Chang Joint work with James Aspnes and Aleksandr Yampolskiy (Yale University)
Motivation Our Model Nash Strategies Optimum Strategies Sum-of-Squares Partition Problem Conclusion Outline
Question: Will you install anti-virus software? Norton AntiVirus 2005 = $49.95 Value of your data = $350.00 Infection probability = 1/10 Expected loss = $35.00
Answer: Probably not. Norton AntiVirus 2005 = $49.95 Value of your data = $350.00 Infection probability = 1/10 Expected loss = $35.00
This selfish behavior… • …fails to achieve the social optimum.
What if instead… • …a benevolent dictator decided which computers install an anti-virus? Center node must install an anti-virus or else!
Outline • Motivation • Our Model • Nash Strategies • Optimum Strategies • Sum-of-Squares Partition Problem • Conclusion
Our Model • The network is an undirected graph G = (V,E). • Installing anti-virus software is a single round non-cooperative game. • The players are the network nodes: V = {0,1,…,n-1}.
Our Model : Strategies • Each node has two actions: do nothing or inoculate itself. • ai = probability that node i installs anti-virus software. Write the strategies of all n players as vector
Our Model : Attack Model • After the nodes choose their strategies, the adversary picks a starting point for infection uniformly at random • Node i gets infected if it has no anti-virus software installed and if any of its neighbors become infected.
Our Model : Attack Model (cont.) • Example: Only node 3 installs anti-virus software. Adversary chooses to infect node 2. 0 1 2 3 4 5
Our Model : Attack Graph Attack Graph: subgraph of G induced by removing nodes that install antivirus 0 1 0 1 2 3 2 3 4 5 4 5 network graph G attack graph Ga= G - Ia
Our Model : Individual Costs • Anti-virus software costs C. Loss from infection is L. • Cost of strategy to node i: • Here, pi( ) = Pr[i is infected | i does not install an anti-virus]
Our Model : Social Cost • Social cost of is simply a sum of individual costs:
Outline • Motivation • Our Model • Nash Strategies • Optimum Strategies • Sum-of-Squares Partition Problem • Conclusion
Nash Strategies: Quick definition • Def: Strategy profileis in Nash equilibrium if no node can improve its payoff by switching to a different strategy.
Nash Strategies: Some intuition • Some Intuition: Suppose ai=0, but node i expects that it will lie in component of size greater than t=Cn/L in attack graph. • Prob[i infected] = t/n. • Then its expected loss from infection is >L·(Cn/L)/n = C and it will switch to ai = 1.
Nash Strategies: Characterization Thm: There is a threshold t=Cn/L such that each node in a Nash equilibrium • will install an anti-virus if it would otherwise end up in a component of expected size > t in the attack graph. • will not install an anti-virus if it would end up in a component of expected size < t in the attack graph. • is indifferent between installing and not installing when the expected size = t in the attack graph.
Nash Strategies (cont.) • Example: Let C=0.5,L=1 so that t=Cn/L=2.5. Then is not a Nash equilibrium. 0 1 0 1 2 3 2 3 4 5 4 5 network graph G attack graph Ga= G - Ia
Nash Strategies (cont.) • Thm: It is NP-hard to compute a pure Nash equilibrium with lowest (resp., highest) cost. • Thm: There exists a pure Nash equilibrium, which can be achieved by a distributed, iterative process in 2n steps.
Price of Anarchy • Price of anarchy measures how far away a Nash equilibrium can be from the social optimum • Formally, it is the worst-case ratio between cost of Nash equilibrium and cost of social optimum • For network G and costs C, L, we denote it:
1 n-1 2 n-2 3 0 … G = K1,n A lower bound Consider a star graph K1,n. Let C=L(n-1)/n so that t=n-1.
1 n-1 2 n-2 3 0 … G = K1,n Price of Anarchy (cont.) Then, is an optimum strategy with cost C+L(n-1)/n. 1 n-1 2 n-2 3 0 … Ga*
1 n-1 2 n-2 3 0 … G = K1,n Price of Anarchy (cont.) And is worst-cost Nash with cost C+L(n-1)2/n. 1 n-1 2 n-2 3 0 … Ga*
Price of Anarchy (cont.) { Lower Bound: For a star graph K1,n, (G, C, L) = n/2. Upper Bound: For any graph G and any C, L, (G, C, L)≤ n. Thm: Price of anarchy in our game is (G, C, L) = (n).
Outline • Motivation • Our Model • Nash Strategies • Optimum Strategies • Sum-of-Squares Partition Problem • Conclusion
Optimum Strategies • So, allowingusers toselfishly choose whether or not to install anti-virus software may be very inefficient • Instead, let’s have a benevolent dictatorcomputeand impose asolution maximizing overall welfare
Optimum Strategies (cont.) • Unfortunately, Thm: It is NP-hard to compute an optimum strategy. • Fortunately, Thm: a strategy with cost at most O(log2 n) OPT can be computed in polytime.
Outline • Motivation • Our Model • Nash Strategies • Optimum Strategies • Sum-of-Squares Partition Problem • Conclusion
Sum-of-Squares Partition • We can reduce the network security problem to the following. • Problem: By removing a set of at most m nodes, partition the graph into mutually disconnected components {Hi}, such that i |Hi|2 is minimum.
Sum-of-Squares Partition (cont.) Thm: We can find a set of O(log2 n)m nodes whose removal partitions the graph into components {Hi} such that i |Hi|2 = O(1)OPT. Proof sketch: The approach is similar to greedy log n approximation algorithm for set cover. We recursively partition the graph by repeatedly removing the node cut that gives the best “per-node benefit.”
Sum-of-squares partition (cont.) • Suppose we remove node set R to cut a graph H into components Hi and Hj. • cost effectiveness of cut R is: (|H|2-|Hi|2- |Hj|2)/|R| • Lemma: Leighton-Rao algorithm for node cuts will find a cut with cost effectiveness within O(log n) of best cost effectiveness. O(log0.5 n) algorithms do not extend to directed cuts, and thus cannot be used for node cuts.
Rough Outline of Algorithm • In first iteration, partition the graph G into H1,H2 by removing a sparse node cut. G
Rough Outline of Algorithm • In first iteration, partition the graph G into H1,H2 by removing a sparse node cut. H1 H2
Rough Outline of Algorithm • In subsequent iterations, cut the Hi for which we find the cut with the best cost effectiveness. H1 H2
Rough Outline of Algorithm • Complete details can be found in full version: http://www.cs.yale.edu/~aspnes/inoculation-abstract.html H1 H2 H3
Outline • Motivation • Our Model • Nash Strategies • Optimum Strategies • Sum-of-Squares Partition Problem • Conclusion
Conclusion • We proposed a simple game for modeling containment of viruses in a network. • Nash equilibria of our game have a simple characterization. • We showed that, in the worst case, they can be far off from the optimum solution. • However, a near-optimum deployment of anti-virus software can be computed by reduction to the sum-of-squares partition problem.
Open Problems • Introduce a discount (or taxation) mechanism into the system. • Consider a “smart” adversary who targets the biggest component in the attack graph. • Is there an approximation algorithm for the sum-of-squares partition problem that removes fewer nodes or has a better approximation ratio?