7,976 research outputs found
A Diversity-based Substation Cyber Defense Strategy utilizing Coloring Games
Growing cybersecurity risks in the power grid require that utilities
implement a variety of security mechanisms (SM) composed mostly of VPNs,
firewalls, or other custom security components. While they provide some
protection, they might contain software vulnerabilities which can lead to a
cyber-attack. In this paper, the severity of a cyber-attack has been decreased
by employing a diverse set of SM that reduce repetition of a single
vulnerability. This paper focuses on the allocation of diverse SM and tries to
increase the security of the cyber assets located within the electronic
security perimeter (ESP) of a substation. We have used a graph-based coloring
game in a distributed manner to allocate diverse SM for protecting the cyber
assets. The vulnerability assessment for power grid network is also analyzed
using this game theoretic method. An improved, diversified SMs for worst-case
scenario has been demonstrated by reaching the Nash equilibrium of graph
coloring game. As a case study, we analyze the IEEE-14 and IEEE-118 bus system,
observe the different distributed coloring algorithm for allocating diverse SM
and calculating the overall network criticality.
Comment: 8 pages, 6 tables and 8 figures
The topology of covert conflict
Often an attacker tries to disconnect a network by destroying nodes or edges,
while the defender counters using various resilience mechanisms. Examples
include a music industry body attempting to close down a peer-to-peer
file-sharing network; medics attempting to halt the spread of an infectious
disease by selective vaccination; and a police agency trying to decapitate a
terrorist organisation. Albert, Jeong and Barabasi famously analysed the static
case, and showed that vertex-order attacks are effective against scale-free
networks. We extend this work to the dynamic case by developing a framework
based on evolutionary game theory to explore the interaction of attack and
defence strategies. We show, first, that naive defences don't work against
vertex-order attack; second, that defences based on simple redundancy don't
work much better, but that defences based on cliques work well; third, that
attacks based on centrality work better against clique defences than
vertex-order attacks do; and fourth, that defences based on complex strategies
such as delegation plus clique resist centrality attacks better than simple
clique defences. Our models thus build a bridge between network analysis and
evolutionary game theory, and provide a framework for analysing defence and
attack in networks where topology matters. They suggest definitions of
efficiency of attack and defence, and may even explain the evolution of
insurgent organisations from networks of cells to a more virtual leadership
that facilitates operations rather than directing them. Finally, we draw some
conclusions and present possible directions for future research.
Comment: University of Cambridge Technical Report
A Game-Theoretic Taxonomy and Survey of Defensive Deception for Cybersecurity and Privacy
Cyberattacks on both databases and critical infrastructure have threatened
public and private sectors. Ubiquitous tracking and wearable computing have
infringed upon privacy. Advocates and engineers have recently proposed using
defensive deception as a means to leverage the information asymmetry typically
enjoyed by attackers as a tool for defenders. The term deception, however, has
been employed broadly and with a variety of meanings. In this paper, we survey
24 articles from 2008-2018 that use game theory to model defensive deception
for cybersecurity and privacy. Then we propose a taxonomy that defines six
types of deception: perturbation, moving target defense, obfuscation, mixing,
honey-x, and attacker engagement. These types are delineated by their
information structures, agents, actions, and duration: precisely concepts
captured by game theory. Our aims are to rigorously define types of defensive
deception, to capture a snapshot of the state of the literature, to provide a
menu of models which can be used for applied research, and to identify
promising areas for future work. Our taxonomy provides a systematic foundation
for understanding different types of defensive deception commonly encountered
in cybersecurity and privacy.
Comment: To Appear in ACM Computing Surveys (CSUR)
On Game-Theoretic Risk Management (Part Three) - Modeling and Applications
The game-theoretic risk management framework put forth in the precursor
reports "Towards a Theory of Games with Payoffs that are
Probability-Distributions" (arXiv:1506.07368 [q-fin.EC]) and "Algorithms to
Compute Nash-Equilibria in Games with Distributions as Payoffs"
(arXiv:1511.08591v1 [q-fin.EC]) is herein concluded by discussing how to
integrate the previously developed theory into risk management processes. To
this end, we discuss how loss models (primarily but not exclusively
non-parametric) can be constructed from data. Furthermore, hints are given on
how a meaningful game theoretic model can be set up, and how it can be used in
various stages of the ISO 27000 risk management process. Examples related to
advanced persistent threats and social engineering are given. We conclude by a
discussion on the meaning and practical use of (mixed) Nash equilibria
for risk management.
Facing Multiple Attacks in Adversarial Patrolling Games with Alarmed Targets
We focus on adversarial patrolling games on arbitrary graphs, where the
Defender can control a mobile resource, the targets are alarmed by an alarm
system, and the Attacker can observe the actions of the mobile resource of the
Defender and perform different attacks exploiting multiple resources. This
scenario can be modeled as a zero-sum extensive-form game in which each player
can play multiple times. The game tree is exponentially large both in the size
of the graph and in the number of attacking resources. We show that when the
number of the Attacker's resources is free, the problem of computing the
equilibrium path is NP-hard, while when the number of resources is fixed, the
equilibrium path can be computed in poly-time. We provide a dynamic-programming
algorithm that, given the number of the Attacker's resources, computes the
equilibrium path requiring poly-time in the size of the graph and exponential
time in the number of the resources. Furthermore, since in real-world scenarios
it is implausible that the Defender knows the number of attacking resources, we
study the robustness of the Defender's strategy when she makes a wrong guess
about that number. We show that even the error of just a single resource can
lead to an arbitrary inefficiency, when the inefficiency is defined as the
ratio of the Defender's utilities obtained with a wrong guess and a correct
guess. However, a more suitable definition of inefficiency is given by the
difference of the Defender's utilities: this way, we observe that the higher
the error in the estimation, the higher the loss for the Defender. Then, we
investigate the performance of online algorithms when no information about the
Attacker's resources is available. Finally, we resort to randomized online
algorithms showing that we can obtain a competitive factor that is twice better
than the one that can be achieved by any deterministic online algorithm.
Optimal Secure Multi-Layer IoT Network Design
With the remarkable growth of the Internet and communication technologies
over the past few decades, Internet of Things (IoTs) is enabling the ubiquitous
connectivity of heterogeneous physical devices with software, sensors, and
actuators. IoT networks are naturally two-layer with the cloud and cellular
networks coexisting with the underlaid device-to-device (D2D) communications.
The connectivity of IoTs plays an important role in information dissemination
for mission-critical and civilian applications. However, IoT communication
networks are vulnerable to cyber attacks including the denial-of-service (DoS)
and jamming attacks, resulting in link removals in IoT network. In this work,
we develop a heterogeneous IoT network design framework in which a network
designer can add links to provide additional communication paths between two
nodes or secure links against attacks by investing resources. By anticipating
the strategic cyber attacks, we characterize the optimal design of secure IoT
network by first providing a lower bound on the number of links a secure
network requires for a given budget of protected links, and then developing a
method to construct networks that satisfy the heterogeneous network design
specifications. Therefore, each layer of the designed heterogeneous IoT network
is resistant to a predefined level of malicious attacks with minimum resources.
Finally, we provide case studies on the Internet of Battlefield Things (IoBT)
to corroborate and illustrate our obtained results.
Comment: 12 pages, to appear in IEEE Transactions on Control of Network Systems
Physically-interpretable classification of biological network dynamics for complex collective motions
Understanding biological network dynamics is a fundamental issue in various
scientific and engineering fields. Network theory is capable of revealing the
relationship between elements and their propagation; however, for complex
collective motions, the network properties often transiently and complexly
change. A fundamental question addressed here pertains to the classification of
collective motion network based on physically-interpretable dynamical
properties. Here we apply a data-driven spectral analysis called graph dynamic
mode decomposition, which obtains the dynamical properties for collective
motion classification. Using a ballgame as an example, we classified the
strategic collective motions in different global behaviours and discovered
that, in addition to the physical properties, the contextual node information
was critical for classification. Furthermore, we discovered the label-specific
stronger spectra in the relationship among the nearest agents, providing
physical and semantic interpretations. Our approach contributes to the
understanding of principles of biological complex network dynamics from the
perspective of nonlinear dynamical systems.
Comment: 42 pages with 7 figures and 3 tables. The latest version is published
in Scientific Reports, 202
Time Critical Social Mobilization: The DARPA Network Challenge Winning Strategy
It is now commonplace to see the Web as a platform that can harness the
collective abilities of large numbers of people to accomplish tasks with
unprecedented speed, accuracy and scale. To push this idea to its limit, DARPA
launched its Network Challenge, which aimed to "explore the roles the Internet
and social networking play in the timely communication, wide-area
team-building, and urgent mobilization required to solve broad-scope,
time-critical problems." The challenge required teams to provide coordinates of
ten red weather balloons placed at different locations in the continental
United States. This large-scale mobilization required the ability to spread
information about the tasks widely and quickly, and to incentivize individuals
to act. We report on the winning team's strategy, which utilized a novel
recursive incentive mechanism to find all balloons in under nine hours. We
analyze the theoretical properties of the mechanism, and present data about its
performance in the challenge.
Comment: 25 pages, 6 figures
Periodic Patrols on the Line and Other Networks
We consider a patrolling game on a graph recently introduced by Alpern et al.
(2011) where the Patroller wins if he is at the attacked node while the attack
is taking place. This paper studies the periodic patrolling game in the case
that the attack duration is two periods. We show that if the Patroller's period
is even, the game can be solved on any graph by finding the fractional covering
number and fractional independence number of the graph. We also give a complete
solution to the periodic patrolling game on line graphs of arbitrary size,
extending the work of Papadaki et al. (2016) to the periodic domain. This
models the patrolling problem on a border or channel, which is related to a
classical problem of operational research going back to Morse and Kimball
(1951). A periodic patrol is required to start and end at the same location,
for example the place where the Patroller leaves his car to begin a foot
patrol.
BASCPS: How does behavioral decision making impact the security of cyber-physical systems?
We study the security of large-scale cyber-physical systems (CPS) consisting
of multiple interdependent subsystems, each managed by a different defender.
Defenders invest their security budgets with the goal of thwarting the spread
of cyber attacks to their critical assets. We model the security investment
decisions made by the defenders as a security game. While prior work has used
security games to analyze such scenarios, we propose behavioral security games,
in which defenders exhibit characteristics of human decision making that have
been identified in behavioral economics as representing typical human cognitive
biases. This is important as many of the critical security decisions in our
target class of systems are made by humans.
We provide empirical evidence for our behavioral model through a controlled
subject experiment. We then show that behavioral decision making leads to a
suboptimal pattern of resource allocation compared to non-behavioral decision
making. We illustrate the effects of behavioral decision making using two
representative real-world interdependent CPS. In particular, we identify the
effects of the defenders' security budget availability and distribution, the
degree of interdependency among defenders, and collaborative defense
strategies, on the degree of suboptimality of security outcomes due to
behavioral decision making. In this context, the adverse effects of behavioral
decision making are most severe with moderate defense budgets. Moreover, the
impact of behavioral suboptimal decision making is magnified as the degree of
the interdependency between subnetworks belonging to different defenders
increases. We also observe that selfish defense decisions together with
behavioral decisions significantly increase security risk.
Comment: 32 pages