Data Mining Practical Machine Learning Tools and Techniques

We will review some of the major results in random graphs and some of the more challenging open problems. We will cover algorithmic and structural questions. We will touch on newer models, including those related to the WWW.

Random graphs

Preface 1. Decision-Theoretic Foundations 1.1 Game Theory, Rationality, and Intelligence 1.2 Basic Concepts of Decision Theory 1.3 Axioms 1.4 The Expected-Utility Maximization Theorem 1.5 Equivalent Representations 1.6 Bayesian Conditional-Probability Systems 1.7 Limitations of the Bayesian Model 1.8 Domination 1.9 Proofs of the Domination Theorems Exercises 2. Basic Models 2.1 Games in Extensive Form 2.2 Strategic Form and the Normal Representation 2.3 Equivalence of Strategic-Form Games 2.4 Reduced Normal Representations 2.5 Elimination of Dominated Strategies 2.6 Multiagent Representations 2.7 Common Knowledge 2.8 Bayesian Games 2.9 Modeling Games with Incomplete Information Exercises 3. Equilibria of Strategic-Form Games 3.1 Domination and Ratonalizability 3.2 Nash Equilibrium 3.3 Computing Nash Equilibria 3.4 Significance of Nash Equilibria 3.5 The Focal-Point Effect 3.6 The Decision-Analytic Approach to Games 3.7 Evolution. Resistance. and Risk Dominance 3.8 Two-Person Zero-Sum Games 3.9 Bayesian Equilibria 3.10 Purification of Randomized Strategies in Equilibria 3.11 Auctions 3.12 Proof of Existence of Equilibrium 3.13 Infinite Strategy Sets Exercises 4. Sequential Equilibria of Extensive-Form Games 4.1 Mixed Strategies and Behavioral Strategies 4.2 Equilibria in Behavioral Strategies 4.3 Sequential Rationality at Information States with Positive Probability 4.4 Consistent Beliefs and Sequential Rationality at All Information States 4.5 Computing Sequential Equilibria 4.6 Subgame-Perfect Equilibria 4.7 Games with Perfect Information 4.8 Adding Chance Events with Small Probability 4.9 Forward Induction 4.10 Voting and Binary Agendas 4.11 Technical Proofs Exercises 5. Refinements of Equilibrium in Strategic Form 5.1 Introduction 5.2 Perfect Equilibria 5.3 Existence of Perfect and Sequential Equilibria 5.4 Proper Equilibria 5.5 Persistent Equilibria 5.6 Stable Sets 01 Equilibria 5.7 Generic Properties 5.8 Conclusions Exercises 6. Games with Communication 6.1 Contracts and Correlated Strategies 6.2 Correlated Equilibria 6.3 Bayesian Games with Communication 6.4 Bayesian Collective-Choice Problems and Bayesian Bargaining Problems 6.5 Trading Problems with Linear Utility 6.6 General Participation Constraints for Bayesian Games with Contracts 6.7 Sender-Receiver Games 6.8 Acceptable and Predominant Correlated Equilibria 6.9 Communication in Extensive-Form and Multistage Games Exercises Bibliographic Note 7. Repeated Games 7.1 The Repeated Prisoners Dilemma 7.2 A General Model of Repeated Garnet 7.3 Stationary Equilibria of Repeated Games with Complete State Information and Discounting 7.4 Repeated Games with Standard Information: Examples 7.5 General Feasibility Theorems for Standard Repeated Games 7.6 Finitely Repeated Games and the Role of Initial Doubt 7.7 Imperfect Observability of Moves 7.8 Repeated Wines in Large Decentralized Groups 7.9 Repeated Games with Incomplete Information 7.10 Continuous Time 7.11 Evolutionary Simulation of Repeated Games Exercises 8. Bargaining and Cooperation in Two-Person Games 8.1 Noncooperative Foundations of Cooperative Game Theory 8.2 Two-Person Bargaining Problems and the Nash Bargaining Solution 8.3 Interpersonal Comparisons of Weighted Utility 8.4 Transferable Utility 8.5 Rational Threats 8.6 Other Bargaining Solutions 8.7 An Alternating-Offer Bargaining Game 8.8 An Alternating-Offer Game with Incomplete Information 8.9 A Discrete Alternating-Offer Game 8.10 Renegotiation Exercises 9. Coalitions in Cooperative Games 9.1 Introduction to Coalitional Analysis 9.2 Characteristic Functions with Transferable Utility 9.3 The Core 9.4 The Shapkey Value 9.5 Values with Cooperation Structures 9.6 Other Solution Concepts 9.7 Colational Games with Nontransferable Utility 9.8 Cores without Transferable Utility 9.9 Values without Transferable Utility Exercises Bibliographic Note 10. Cooperation under Uncertainty 10.1 Introduction 10.2 Concepts of Efficiency 10.3 An Example 10.4 Ex Post Inefficiency and Subsequent Oilers 10.5 Computing Incentive-Efficient Mechanisms 10.6 Inscrutability and Durability 10.7 Mechanism Selection by an Informed Principal 10.8 Neutral Bargaining Solutions 10.9 Dynamic Matching Processes with Incomplete Information Exercises Bibliography Index

博弈论 : 矛盾冲突分析 = Game theory : analysis of conflict

Praise for the Third Edition: "This is one of the best books available. Its excellent organizational structure allows quick reference to specific models and its clear presentation . . . solidifies the understanding of the concepts being presented."IIE Transactions on Operations EngineeringThoroughly revised and expanded to reflect the latest developments in the field, Fundamentals of Queueing Theory, Fourth Edition continues to present the basic statistical principles that are necessary to analyze the probabilistic nature of queues. Rather than presenting a narrow focus on the subject, this update illustrates the wide-reaching, fundamental concepts in queueing theory and its applications to diverse areas such as computer science, engineering, business, and operations research.This update takes a numerical approach to understanding and making probable estimations relating to queues, with a comprehensive outline of simple and more advanced queueing models. Newly featured topics of the Fourth Edition include:Retrial queuesApproximations for queueing networksNumerical inversion of transformsDetermining the appropriate number of servers to balance quality and cost of serviceEach chapter provides a self-contained presentation of key concepts and formulae, allowing readers to work with each section independently, while a summary table at the end of the book outlines the types of queues that have been discussed and their results. In addition, two new appendices have been added, discussing transforms and generating functions as well as the fundamentals of differential and difference equations. New examples are now included along with problems that incorporate QtsPlus software, which is freely available via the book's related Web site.With its accessible style and wealth of real-world examples, Fundamentals of Queueing Theory, Fourth Edition is an ideal book for courses on queueing theory at the upper-undergraduate and graduate levels. It is also a valuable resource for researchers and practitioners who analyze congestion in the fields of telecommunications, transportation, aviation, and management science.

Fundamentals of Queueing Theory

A systematic literature review of blockchain-based applications: Current status, classification and open issues

In this paper, we present the use of a category theory based approach to cyber threat information sharing. This choice is motivated by the fact that category theory allows an abstraction that can be used when one has to deal with diverse systems and it is also useful in describing an existing structure like STIX (Structured Threat Information eXpression). STIX will be described, a brief review of category theory as well as its use in data migration is given, the Functorial Query Language (FQL) is introduced and is used to implement the STIX schema. Finally the concept of olog is presented as knowledge representation.

Cyber Threat Information sharing: A category-theoretic approach

Trusting a cloud infrastructure is a hard problem, which urgently needs effective solutions. There are increasing demands for switching to the cloud in the sectors of financial, healthcare, or government etc., where data security protections are among the highest priorities. But most of them are left unsatisfied, due to the current cloud infrastructures' lack of provable trustworthiness. Trusted Computing (TC) technologies implement effective mechanisms for attesting to the genuine behaviors of a software platform. Integrating TC with cloud infrastructure shows a promising method for verifying the cloud's behaviors, which may in turn facilitate provable trustworthiness. However, the side effect of TC also brings concerns: exhibiting genuine behaviors might attract targeted attacks. Consequently, current Trusted Cloud proposals only integrate limited TC capabilities, which hampers the effective and practical trust establishment. In this paper, we aim to justify the benefits of a fully Open-Implementation cloud infrastructure, which means that the cloud's implementation and configuration details can be inspected by both the legitimate and malicious cloud users. We applied game theoretic analysis to discover the new dynamics formed between the Cloud Service Provider (CSP) and cloud users, when the Open-Implementation strategy is introduced. We conclude that, even though Open-Implementation cloud may facilitate attacks, vulnerabilities or misconfiguration are easier to discover, which in turn reduces the total security threats. Also, cyber threat monitoring and sharing are made easier in an Open-Implementation cloud. More importantly, the cloud's provable trustworthiness will attract more legitimate users, which increases CSP's revenue and helps lowering the price. This eventually creates a virtuous cycle, which will benefit both the CSP and legitimate users.

On the feasibility of an open-implementation cloud infrastructure: a game theoretic analysis

Cyber deception is an approach where the network administrators can deploy a network of decoy assets with the aim to expend adversaries’ resources and time and gather information about the adversaries’ strategies, tactics, capabilities, and intent. The key challenge in this cyber deception approach is the design and placement of network decoys to ensure maximal information uncertainty for the attackers. State-of-the-art approaches to address this design and placement problem assume a static environment and apriori strategies taken by the attacker. In this paper, we propose the design and placement of network decoys considering scenarios where defender’s action influence an attacker to change its strategies and tactics dynamically while maintaining the trade-off between availability and security. The defender maintains a belief consisting of security state and the resultant actions are modeled as Partially Observable Markov Decision Process (POMDP). Our simulation results illustrate the defender’s increasing ability to influence the attacker’s attack path to comprise of fake nodes and networks.

Online Cyber Deception System Using Partially Observable Monte-Carlo Planning Framework

With the increasing sophistication of attacks on cyber-physical systems, deception has emerged as an effective tool to improve system security and safety by obfuscating the attacker's perception. In this paper, we present a solution to the deceptive game in which a control agent is to satisfy a Boolean objective specified by a co-safe temporal logic formula in the presence of an adversary. The agent intentionally introduces asymmetric information to create payoff misperception, which manifests as the misperception of the labeling function in the game model. Thus, the adversary is unable to accurately determine which logical formula is satisfied by a given outcome of the game. We introduce a model called hypergame on graph to capture the asymmetrical information with one-sided payoff misperception. Based on this model, we present the solution of such a hypergame and use the solution to synthesize stealthy deceptive strategies. Specifically, deceptive sure winning and deceptive almost-sure winning strategies are developed by reducing the hypergame to a two-player game and one-player stochastic game with reachability objectives. A running example is introduced to demonstrate the game model and the solution concept used for strategy synthesis.

Deceptive Labeling: Hypergames on Graphs for Stealthy Deception

Botnets are widely considered one of the most dangerous threats on the internet due to their modular and adaptive nature which makes them difficult to defend against. In contrast to previous generations of malicious codes, botnets have a command and control (C2) infrastucture which allows them to be remotely controlled by their masters. A command and control infrastructure based on Internet Relay Chat protocol (IRC-based C2) is one of the most popular C2) infrastructures botnet creators use to deploy their botnets’ malwares (IRC botnets). In this paper, we propose a novel approach to detect and eliminate IRC botnets. Our approach consists of inserting a reconfigurable hardware isolation layer between the network link and the target. Our reconfigurable hardware is an FPGA System-on-Chip (FPGA SoC) that uses both anomaly-based detection and signature-based detection approaches to identify IRC botnets. Since, unlike other viruses, to be able to freely communicate with their masters, botnets’ primary objective is to disable any protection mechanism (firewalls, antivirus applications) found on the target machine; our hardware-based isolation infrastructure presents an improvement over existing software-based solutions.We evaluated our architecture codenamed BotPGA using real-world IRC botnets’ non-encrypted network traces. The results show that BotPGA can detect real-world non-encrypted malicious IRC traffic and botnets with high accuracy.

Charles A. Kamhoua

Papers

Cyber Threat Information sharing: A category-theoretic approach

On the feasibility of an open-implementation cloud infrastructure: a game theoretic analysis

Online Cyber Deception System Using Partially Observable Monte-Carlo Planning Framework

Deceptive Labeling: Hypergames on Graphs for Stealthy Deception

Hardware isolation technique for IRC-based botnets detection