Keywords:
Computer System Security, Multi-agent System, Machine Learning

Abstract:
The requirements for security, cost, performance and functionality usually conflict with one another in an open computing environment. On one hand, excessive security control may increase the cost, reduce the performance and restrict the functionality of a system so as to impair its usability. On the other hand, inadequate security measures may expose system to attackers thus bringing losses to users. Therefore, it is highly desirable that a system can tailor its security measures according to the potential threats to which it is exposed. Unfortunately, this is hard to achieve due to the uncertainty about such threats in a dynamic environment in which the system runs.

To solve this problem, we propose a novel framework in which computer systems are modeled as multi-agent systems (MAS) from the viewpoint of security. Within this framework, Bayesian belief update process is carried out to help agents to learn properties of the possible threats from the service requestors (users). Then, they can autonomously select proper security strategies according to such belief and knowledge about potential vulnerabilities. Through the interaction with the environment, the general situation of threats from the environment can also be learnt by accumulating the beliefs towards the individual service requestors. This enables the MAS to adapt its configuration to maximize the expected payoff in the long run. To further explore the hypothesis that multi-agent learning is beneficial to the security management of a computing system, an empirical experimental study is carried and initial results are presented.