A Game-Theoretic Framework for Optimum Decision Fusion in the Presence of Byzantines

Optimum decision fusion in the presence of malicious nodes - often referred to as Byzantines - is hindered by the necessity of exactly knowing the statistical behavior of Byzantines. By focusing on a simple, yet widely studied, set-up in which a Fusion Center (FC) is asked to make a binary decision about a sequence of system states by relying on the possibly corrupted decisions provided by local nodes, we propose a game-theoretic framework which permits to exploit the superior performance provided by optimum decision fusion, while limiting the amount of a-priori knowledge required. We first derive the optimum decision strategy by assuming that the statistical behavior of the Byzantines is known. Then we relax such an assumption by casting the problem into a game-theoretic framework in which the FC tries to guess the behavior of the Byzantines, which, in turn, must fix their corruption strategy without knowing the guess made by the FC. We use numerical simulations to derive the equilibrium of the game, thus identifying the optimum behavior for both the FC and the Byzantines, and to evaluate the achievable performance at the equilibrium. We analyze several different setups, showing that in all cases the proposed solution permits to improve the accuracy of data fusion. We also show that, in some instances, it is preferable for the Byzantines to minimize the mutual information between the status of the observed system and the reports submitted to the FC, rather than always flipping the decision made by the local nodes as it is customarily assumed in previous works

Distributed Inference and Learning with Byzantine Data

We are living in an increasingly networked world with sensing networks of varying shapes and sizes: the network often comprises of several tiny devices (or nodes) communicating with each other via different topologies. To make the problem even more complicated, the nodes in the network can be unreliable due to a variety of reasons: noise, faults and attacks, thus, providing corrupted data. Although the area of statistical inference has been an active area of research in the past, distributed learning and inference in a networked setup with potentially unreliable components has only gained attention recently. The emergence of big and dirty data era demands new distributed learning and inference solutions to tackle the problem of inference with corrupted data. Distributed inference networks (DINs) consist of a group of networked entities which acquire observations regarding a phenomenon of interest (POI), collaborate with other entities in the network by sharing their inference via different topologies to make a global inference. The central goal of this thesis is to analyze the effect of corrupted (or falsified) data on the inference performance of DINs and design robust strategies to ensure reliable overall performance for several practical network architectures. Specifically, the inference (or learning) process can be that of detection or estimation or classification, and the topology of the system can be parallel, hierarchical or fully decentralized (peer to peer). Note that, the corrupted data model may seem similar to the scenario where local decisions are transmitted over a Binary Symmetric Channel (BSC) with a certain cross over probability, however, there are fundamental differences. Over the last three decades, research community has extensively studied the impact of transmission channels or faults on the distributed detection system and related problems due to its importance in several applications. However, corrupted (Byzantine) data models considered in this thesis, are philosophically different from the BSC or the faulty sensor cases. Byzantines are intentional and intelligent, therefore, they can optimize over the data corruption parameters. Thus, in contrast to channel aware detection, both the FC and the Byzantines can optimize their utility by choosing their actions based on the knowledge of their opponent’s behavior. Study of these practically motivated scenarios in the presence of Byzantines is of utmost importance, and is missing from the channel aware detection and fault tolerant detection literature. This thesis advances the distributed inference literature by providing fundamental limits of distributed inference with Byzantine data and provides optimal counter-measures (using the insights provided by these fundamental limits) from a network designer’s perspective. Note that, the analysis of problems related to strategical interaction between Byzantines and network designed is very challenging (NP-hard is many cases). However, we show that by utilizing the properties of the network architecture, efficient solutions can be obtained. Specifically, we found that several problems related to the design of optimal counter-measures in the inference context are, in fact, special cases of these NP-hard problems which can be solved in polynomial time. First, we consider the problem of distributed Bayesian detection in the presence of data falsification (or Byzantine) attacks in the parallel topology. Byzantines considered in this thesis are those nodes that are compromised and reprogrammed by an adversary to transmit false information to a centralized fusion center (FC) to degrade detection performance. We show that above a certain fraction of Byzantine attackers in the network, the detection scheme becomes completely incapable (or blind) of utilizing the sensor data for detection. When the fraction of Byzantines is not sufficient to blind the FC, we also provide closed form expressions for the optimal attacking strategies for the Byzantines that most degrade the detection performance. Optimal attacking strategies in certain cases have the minimax property and, therefore, the knowledge of these strategies has practical significance and can be used to implement a robust detector at the FC. In several practical situations, parallel topology cannot be implemented due to limiting factors, such as, the FC being outside the communication range of the nodes and limited energy budget of the nodes. In such scenarios, a multi-hop network is employed, where nodes are organized hierarchically into multiple levels (tree networks). Next, we study the problem of distributed inference in tree topologies in the presence of Byzantines under several practical scenarios. We analytically characterize the effect of Byzantines on the inference performance of the system. We also look at the possible counter-measures from the FC’s perspective to protect the network from these Byzantines. These counter-measures are of two kinds: Byzantine identification schemes and Byzantine tolerant schemes. Using learning based techniques, Byzantine identification schemes are designed that learn the identity of Byzantines in the network and use this information to improve system performance. For scenarios where this is not possible, Byzantine tolerant schemes, which use game theory and error-correcting codes, are developed that tolerate the effect of Byzantines while maintaining a reasonably good inference performance in the network. Going a step further, we also consider scenarios where a centralized FC is not available. In such scenarios, a solution is to employ detection approaches which are based on fully distributed consensus algorithms, where all of the nodes exchange information only with their neighbors. For such networks, we analytically characterize the negative effect of Byzantines on the steady-state and transient detection performance of conventional consensus-based detection schemes. To avoid performance deterioration, we propose a distributed weighted average consensus algorithm that is robust to Byzantine attacks. Next, we exploit the statistical distribution of the nodes’ data to devise techniques for mitigating the influence of data falsifying Byzantines on the distributed detection system. Since some parameters of the statistical distribution of the nodes’ data might not be known a priori, we propose learning based techniques to enable an adaptive design of the local fusion or update rules. The above considerations highlight the negative effect of the corrupted data on the inference performance. However, it is possible for a system designer to utilize the corrupted data for network’s benefit. Finally, we consider the problem of detecting a high dimensional signal based on compressed measurements with secrecy guarantees. We consider a scenario where the network operates in the presence of an eavesdropper who wants to discover the state of the nature being monitored by the system. To keep the data secret from the eavesdropper, we propose to use cooperating trustworthy nodes that assist the FC by injecting corrupted data in the system to deceive the eavesdropper. We also design the system by determining the optimal values of parameters which maximize the detection performance at the FC while ensuring perfect secrecy at the eavesdropper

The Trojan Horse in Your Head: Cognitive Threats and How to Counter Them

Vulnerabilities of the human mind caused by the way it is designed to process information have always been exploited in warfare, since the dawn of humanity. History is marked with frequent use of deceits and manipulations over the centuries, with examples ranging from the use of the Trojan Horse to Facebook’s user-profiling. While largely used over time, these tactics, that I call cognitive threats, have not been collectively examined. I hypothesize that they pose a security issue to which prevention strategies on different levels could be successfully applied. The research questions that this study asks are what the characteristics of these cognitive threats, and what specific techniques could be employed to counter them. To respond to them and to contribute to filling the gap in the literature, I describe four case studies that illustrate some of the most common types of cognitive threats in the 21st century - the case with Maria Butina, the case with Russian disinformation, the case with ISIS recruitment, and the case with Cambridge Analytica. Then I analyze them and suggest different approaches that are fit to respond to the contemporary political and psychological features of these cognitive threats. The findings from the study, the policy recommendations, and the additional measures I propose are grouped into six categories: creating alternatives, narrative change, official government statements, legislative measures, education, and awareness

Escaping from American intelligence : culture, ethnocentrism and the Anglosphere

The United States and its closest allies now spend over $100 billion a year on intelligence. Ten years after 9/11, the intelligence machine is certainly bigger - but not necessarily better. American intelligence continues to privilege old-fashioned strategic analysis for policy-makers and exhibits a technocratic approach to asymmetric security threats, epitomized by the accelerated use of drone strikes and data-mining. Distinguished commentators have focused on the panacea of top-down reform, while politicians and practitioners have created entire new agencies. However these prescriptions for change remain conceptually limited because of underlying Anglo-Saxon presumptions about what intelligence is. Although intelligence is a global business, when we talk about intelligence we tend to use a vocabulary that is narrowly derived from the experiences of America and its English-speaking nebula. This article deploys the notion of strategic culture to explain this why this is. It then explores the cases of China and South Africa to suggest how we might begin to rethink our intelligence communities and their tasks. It argues that the road to success is about individuals, attitudes and cultures rather than organizations. Future improvement will depend on our ability to recognize the changing nature of the security environment and to practice the art of ‘intelligence among the people’. While the United States remains the world’s most significant military power, its strategic culture is unsuited to this new terrain and arguably other countries do these things rather better

Primary user emulation attack mitigation in cognitive radio networks.

M. Sc. Eng. University of KwaZulu-Natal, Durban 2014.The rapid progress in the number of users and applications in wireless communication have led to the problem of growing spectrum scarcity in recent years. This imminent spectrum scarcity problem is in part due to a rapidly increasing demand for wireless services and in part due to the inefficient usage of currently licensed spectrum bands. Cognitive radio (CR) is a new technology that is proposed to improve spectrum efficiency by allowing unlicensed secondary users to access the licensed frequency bands without interfering with the licensed primary users. A malicious secondary user can decide to exploit this spectrum access etiquette by mimicking the spectral characteristics of a primary user, and gain priority access to a wireless channel over other secondary users. This scenario is referred to in literature as Primary User Emulation Attack (PUEA). Though quite a lot of research efforts have been focused on the detection and defense strategy of PUEA in cognitive radio networks, less attention have been given to combating and mitigating PUEA in a cooperative spectrum sensing environment. This dissertation seeks to contribute to research in the field of cognitive radio networks through an investigation into the impacts of Primary User Emulation Attacks (PUEA) on cognitive radio networks, the problem of trust amongst users in the networks and also mitigating the activities of PUEA in the network. An analytical and system model for PUEA in cognitive radio networks is presented and its impacts are also studied using Neyman-Pearson Composite Hypothesis Test. The intention is to evict malicious users from the network and maximize spectrum utilization efficiency. To achieve this, techniques to verify that the source of spectrum occupancy information is from a genuine user are proposed. In a primary user emulation attack, malicious users tend to destruct the spectrum sensing process of a cognitive radio network by imitating the primary signal and deceive other secondary users from accessing vacant frequency bands. An energy detection cooperative spectrum sensing technique is proposed to mitigate this attack. This technique assists in the reduction of errors made by secondary users in detecting primary user signals in frequency bands considering the existence of PUEA in the network. The performance of our proposed method is compared to an existing energy detection spectrum sensing method that does not consider the existence of PUEA in the network. Simulated results show that the proposed method can effectively mitigate PUEA in a cognitive radio network

The future of Cybersecurity in Italy: Strategic focus area

This volume has been created as a continuation of the previous one, with the aim of outlining a set of focus areas and actions that the Italian Nation research community considers essential. The book touches many aspects of cyber security, ranging from the definition of the infrastructure and controls needed to organize cyberdefence to the actions and technologies to be developed to be better protected, from the identification of the main technologies to be defended to the proposal of a set of horizontal actions for training, awareness raising, and risk management