An attack-defense game on interdependent networks

This paper analyzes the optimal strategies for an attacker and a defender in an attack-defense game on a network consisting of interdependent subnetworks. The defender moves first and allocates its resource to protect the network nodes. The attacker then moves and allocates its resources to attack the network nodes. The binary decision diagram is employed to obtain all potential states of the network system after attack. Considering each of its opponent’s strategies, the game player tries to maximize its own cumulative prospect value. The backward induction method is employed to obtain the game players’ optimal strategies, respectively. Different resource relationships are analyzed to testify the robustness of the main conclusions and players’ risk attitudes are also investigated. Numerical examples are used to illustrate the analysis

Optimal defence-attack strategies between one defender and two attackers

This paper analyses the optimal strategies for one defender and two attackers in a defence-attack game, where a) the defender allocates its resource into defending against and attacking the two attackers, and b) the two attackers, after observing the action of the defender, allocate their resources into attacking and defending against the defender, on either a cooperative or non-cooperative basis. On a cooperative basis, for each of the defender’s given strategies, the two attackers work together to maximise the sum of their cumulative prospect values while anticipating the eight possible game outcomes. On a non-cooperative basis, for each of the defender’s given strategies, each attacker simultaneously yet independently tries to maximise their own cumulative prospect value. In both cases, the defender maximises its cumulative prospect value while anticipating the attackers’ actions. Backward induction is employed to obtain the optimal defence and attack strategies for all scenarios. Numerical examples are performed to illustrate the applications of the strategies. In general, we find two opposing effects considering the attackers’ strategies and analyse the alteration of strategies for the participants under two different risk preferences: risk-averse and risk seeking. The reasons for the alteration are also performed to illustrate the practical applications

Approaches to the Security Analysis of Power Systems: Defence Strategies Against Malicious Threats

This report is intended to provide a conceptual framework for assessing the security risk to power systems assets and operations related to malicious attacks. The problem is analysed with reference to all the actors involved and the possible targets. The specific nature of the malicious attacks is discussed and representations in terms of strategic interaction are proposed. Models based on Game Theory and Multi Agent Systems techniques specifically developed for the representation of malicious attacks against power systems are presented and illustrated with reference to applications to small-scale test systems.JRC.G.6-Sensors, radar technologies and cybersecurit

Risk-attitude-based defense strategy considering proactive strike, preventive strike and imperfect false targets

This paper analyzes the optimal strategies for the attacker and the defender in an attack–defense game, considering the risk attitudes of both parties. The defender moves first, allocating its limited resources to three different measures: launching a proactive strike or preventive strike, building false targets, and protecting its genuine object. It is assumed that (a) launching a proactive strike has limited effectiveness on its rival and does not expose the genuine object itself, (b) a false target might be correctly identified as false, and (c) launching a preventive strike consumes less resources than a proactive strike and might expose the genuine object. The attacker moves after observing the defender's movements, allocating its limited resources to three measures: protecting its own base from a proactive strike or preventive strike, building false bases, and attacking the defender's genuine object. For each of the defender's given strategies, the attacker chooses the attack strategy that maximizes its cumulative prospect value, which accounts for the players’ risk attitudes. Similarly, the defender maximizes its cumulative prospect value by anticipating that the attacker will always choose the strategy combination that maximizes its own cumulative prospect value. Backward induction is used to obtain the optimal defense, attack strategies, and their corresponding cumulative prospect values. Our results show that the introduction of risk attitudes leads the game to a lose-lose situation under some circumstances and benefits one party in other cases

APPROACHES TO VULNERABILITY ANALYSIS FOR DISCOVERING THE CRITICAL ROUTES IN ROADWAY NETWORKS

All modes of transportation are vulnerable to disruptions caused by natural disasters and/or man-made events (e.g., accidents), which may have temporary or permanent consequences. Identifying crucial links where failure could have significant effects is an important component of transportation network vulnerability assessments, and the risk of such occurrences cannot be underestimated. The ability to recognize critical segments in a transportation network is essential for designing resilient networks and improving traffic conditions in scenarios like link failures, which can result in partial or full capacity reductions in the system. This study proposes two approaches for identifying critical links for both single and multiple link disruptions. New hybrid link ranking measures are proposed, and their accuracy is compared with the existing traffic-based measures. These new ranking measures integrate aspects of traffic equilibrium and network topology. The numerical study revealed that three of the proposed measures generate valid findings while consuming much less computational power and time than full-scan analysis measures. To cover various disruption possibilities other than single link failure, an optimization model based on a game theory framework and a heuristic algorithm to solve the mathematical formulation is described in the second part of this research. The proposed methodology is able to identify critical sets of links under different disruption scenarios including major and minor interruptions, non-intelligent and intelligent attackers, and the effect of presenting defender. Results were evaluated with both full scan analysis techniques and hybrid ranking measures, and the comparison demonstrated that the proposed model and algorithm are reliable at identifying critical sets of links for random and specially targeted attacks based on the adversary\u27s link selection in both partial and complete link closure scenarios, while significantly reducing computational complexity. The findings indicate that identifying critical sets of links is highly dependent on the adversary\u27s inelegancy, the presence of defenders, and the disruption scenario. Furthermore, this research indicates that in disruptions of multiple links, there is a complex correlation between critical links and simply combining the most critical single links significantly underestimates the network\u27s vulnerability

Using product architecture to maximize environmental performance

None provided

GPS Anomaly Detection And Machine Learning Models For Precise Unmanned Aerial Systems

The rapid development and deployment of 5G/6G networks have brought numerous benefits such as faster speeds, enhanced capacity, improved reliability, lower latency, greater network efficiency, and enablement of new applications. Emerging applications of 5G impacting billions of devices and embedded electronics also pose cyber security vulnerabilities. This thesis focuses on the development of Global Positioning Systems (GPS) Based Anomaly Detection and corresponding algorithms for Unmanned Aerial Systems (UAS). Chapter 1 provides an overview of the thesis background and its objectives. Chapter 2 presents an overview of the 5G architectures, their advantages, and potential cyber threat types. Chapter 3 addresses the issue of GPS dropouts by taking the use case of the Dallas-Fort Worth (DFW) airport. By analyzing data from surveillance drones in the (DFW) area, its message frequency, and statistics on time differences between GPS messages were examined. Chapter 4 focuses on modeling and detecting false data injection (FDI) on GPS. Specifically, three scenarios, including Gaussian noise injection, data duplication, data manipulation are modeled. Further, multiple detection schemes that are Clustering-based and reinforcement learning techniques are deployed and detection accuracy were investigated. Chapter 5 shows the results of Chapters 3 and 4. Overall, this research provides a categorization and possible outlier detection to minimize the GPS interference for UAS enhancing the security and reliability of UAS operations

Locating and Protecting Facilities Subject to Random Disruptions and Attacks

Recent events such as the 2011 Tohoku earthquake and tsunami in Japan have revealed the vulnerability of networks such as supply chains to disruptive events. In particular, it has become apparent that the failure of a few elements of an infrastructure system can cause a system-wide disruption. Thus, it is important to learn more about which elements of infrastructure systems are most critical and how to protect an infrastructure system from the effects of a disruption. This dissertation seeks to enhance the understanding of how to design and protect networked infrastructure systems from disruptions by developing new mathematical models and solution techniques and using them to help decision-makers by discovering new decision-making insights. Several gaps exist in the body of knowledge concerning how to design and protect networks that are subject to disruptions. First, there is a lack of insights on how to make equitable decisions related to designing networks subject to disruptions. This is important in public-sector decision-making where it is important to generate solutions that are equitable across multiple stakeholders. Second, there is a lack of models that integrate system design and system protection decisions. These models are needed so that we can understand the benefit of integrating design and protection decisions. Finally, most of the literature makes several key assumptions: 1) protection of infrastructure elements is perfect, 2) an element is either fully protected or fully unprotected, and 3) after a disruption facilities are either completely operational or completely failed. While these may be reasonable assumptions in some contexts, there may exist contexts in which these assumptions are limiting. There are several difficulties with filling these gaps in the literature. This dissertation describes the discovery of mathematical formulations needed to fill these gaps as well as the identification of appropriate solution strategies

Responsive Contingency Planning for Supply Chain Disruption Risk Mitigation

Contingent sourcing from a backup resource is an effective risk mitigation strategy under major disruptions. The production volumes and speeds of the backup resource are important protection design considerations, as they affect recovery. The objective of this dissertation is to show that cost-effective protection of existing supply networks from major disruptions result from planning appropriate volume and response speeds of a backup production facility prior to the disruptive event by considering operational aspects such as congestion that may occur at facilities. Contingency strategy are more responsive and disruption recovery periods can be shortened through such prior planning. The dissertation focuses on disruption risk arising from intelligent or pre-meditated attacks on supply facilities. An intelligent attacker has the capability to create worst case loss depending on the protection strategy of a given network. Since the attacker seeks the maximum loss and the designer tries to identify the protection scheme which minimizes this maximum loss, there exists an interdependence between attack and protection decisions. Ignoring this characteristic leads to suboptimal mitigation solutions under such disruptions. We therefore develop a mathematical model which utilizes a game theoretic framework of attack and defense involving nested optimization problems. The model is used to decide optimal selection of backup production volume and the response speeds, the facilities to build such capability within the available budget. The reallocation of demands from a disrupted facility to an undisrupted facility in a contingency strategy leads to congestion of the undisrupted facility, which may result in longer lead times and reduced throughput during disruption periods, thereby limiting the effectiveness of a contingency strategy. In the second part of the dissertation, we therefore analyze congestion effects in responsive contingency planning. The congestion cost function is modeled and integrated into the mathematical model of responsive contingency planning developed in the first part of the dissertation. The main contribution of this dissertation is that a decision tool has been developed to plan protection of an existing supply networks considering backup sourcing through gradual capacity acquisition. The solution methodology involving recursive search tree has been implemented which allows exploring protection solutions under a given budget of protection and multiple combinations of response speeds and production capacities of a backup facility. The results and analysis demonstrate the value of planning for responsive contingency in supply chains subject to risks of major disruptions and provide insights to aid managerial decision making