
    A Game Theoretic Software Test-bed for Cyber Security Analysis of Critical Infrastructure

    National critical infrastructures are vital to the functioning of modern societies and economies. The dependence on these infrastructures is so strong that their incapacitation or destruction has a debilitating and cascading effect on national security. Critical infrastructure sectors, ranging from financial services to power and from transportation to communications and health care, all depend on massive information and communication technology networks. Cyberspace is composed of numerous interconnected computers, servers and databases that hold critical data and allow critical infrastructures to function. Securing critical data in a cyberspace that holds against growing and evolving cyber threats is an important focus area for most countries across the world. A novel approach is proposed to assess the vulnerabilities of one's own networks against adversarial attackers, where the adversary’s perception of strengths and vulnerabilities is modelled using game theoretic techniques. The proposed game theoretic framework models the uncertainties of information with the players (attackers and defenders) in terms of their information sets, and their behaviour is modelled and assessed using a probability and belief function framework. The attack-defence scenarios are exercised on a virtual cyber warfare test-bed to assess and evaluate the vulnerability of cyber systems. Optimal strategies for attack and defence are computed for the players and validated using simulation experiments on the cyber war-games test-bed, the results of which are used for security analyses.

    Optimal protection of logistics networks against attacks (Protection optimale des réseaux logistiques contre des attaques)

    The evolution of logistic networks is accompanied by the worrisome risk of intentional attacks, and these networks are increasingly becoming potential targets. It is essential to protect them against these attacks. This thesis develops a method for the optimal allocation of defensive resources among the entities of logistic networks to protect against intentional attacks in the context of facility location optimization. This method is developed to calculate the expected damage, evaluate the value of a critical target and optimally distribute the limited defensive resources, taking the attacker’s strategy into account. Three cases of logistics networks are studied in this thesis. We first consider the context of the uncapacitated fixed-charge location where a strategy of optimal protection is selected. Then, extra capacity is used as a means of indirect protection, allowing the reduction of the expected damage. Lastly, as the efficiency and effectiveness of any logistics network is largely determined by the correct operation of the warehouses, the latter are also protected in the same way as the plants. Whereas the defender’s objective is to minimize the damage, the attacker seeks to maximize this damage. In the three cases considered, the problem is formulated as a non-cooperative two-period min-max game in which the defender invests in the first period. This means that the defender selects a strategy in the first period that minimizes the maximum loss the attacker may cause in the second period. A method is developed to evaluate the utilities of the players. This method evaluates many expected costs, including the cost needed to restore disabled facilities, the backorder cost, and the cost incurred because of the change in transportation costs after attacks. An algorithm is developed to find the equilibrium solution and the optimal defence strategy. Our method is compared to other suggested strategies. Obtained results clearly indicate the effectiveness of our model and the indirect protection by extra-capacity deployment, as well as the importance of protecting the warehouses.

    BAYESIAN KERNEL METHODS FOR THE RISK ANALYSIS AND RESILIENCE MODELING OF CRITICAL INFRASTRUCTURE SYSTEMS

    The protection of critical infrastructures has recently garnered attention with an emphasis on analyzing the risk and improving the resilience of such systems. With the abundance of data, risk managers should be able to better inform preparedness and recovery decision making under uncertainty. It is important, however, to develop and utilize the necessary methodologies that bridge between data and decisions. The goal of this dissertation is to (i) predict the likelihood of risk, (ii) assess the consequences of a disruption, and (iii) inform preparedness and recovery decision making. This research presents a data-driven analysis of the risk and resilience of critical infrastructure systems. First, a new Bayesian kernel model is developed to predict the frequency of failures and a Beta Bayesian kernel model is deployed to model resilience-based importance measures. Bayesian kernel models were developed for Gaussian distributions and later extended to other continuous probability distributions. This research develops a Poisson Bayesian kernel model to accommodate count data. Second, interdependency models are integrated with decision analysis and resilience quantification techniques to assess the multi-industry economic impact of critical infrastructure resilience and inform preparedness and recovery decision making under uncertainty. Examples of critical infrastructure systems are inland waterways, which are critical elements in the nation’s civil infrastructure and the world’s supply chain. They allow for a cost-effective flow of approximately $150 billion worth of commodities annually across industries and geographic locations, which is why they are called “inland marine highways.” Aging components (i.e., locks and dams), combined with adverse weather conditions, affect the reliability and resilience of inland waterways. Frequent disruptions and lengthy recovery times threaten regional commodity flows and, more broadly, multiple industries that rely on those commodities. While policymakers understand the increasing need for inland waterway rehabilitation and preparedness investment, resources are limited and select projects are funded each year to improve only certain components of the network. As a result, a number of research questions arise. What is the impact of infrastructure systems disruptions, and how to predict them? What metrics should be used to identify critical components and determine the system’s resilience? What are the best risk management strategies in terms of preparedness investment and recovery prioritization? A Poisson Bayesian kernel model is developed and deployed to predict the frequency of lock and dam closures. Economic dynamic interdependency models along with stochastic inoperability multiobjective decision trees and resilience metrics are used to assess the broader impact of a disruption resulting in the closure of a port or a link of the river and impacting multiple interdependent industries. Stochastic resilience-based measures are analyzed to determine the critical waterway components, more specifically locks and dams, that contribute to the overall waterway system resilience. A data-driven case study illustrates these methods to describe commodity flows along the various components of the U.S. Mississippi River Navigation System and employs them to motivate preparedness and recovery strategies.