530 research outputs found
Imitative Follower Deception in Stackelberg Games
Information uncertainty is one of the major challenges facing applications of
game theory. In the context of Stackelberg games, various approaches have been
proposed to deal with the leader's incomplete knowledge about the follower's
payoffs, typically by gathering information from the leader's interaction with
the follower. Unfortunately, these approaches rely crucially on the assumption
that the follower will not strategically exploit this information asymmetry,
i.e., the follower behaves truthfully during the interaction according to their
actual payoffs. As we show in this paper, the follower may have strong
incentives to deceitfully imitate the behavior of a different follower type
and, in doing this, benefit significantly from inducing the leader into
choosing a highly suboptimal strategy. This raises a fundamental question: how
to design a leader strategy in the presence of a deceitful follower? To answer
this question, we put forward a basic model of Stackelberg games with
(imitative) follower deception and show that the leader is indeed able to
reduce the loss due to follower deception with carefully designed policies. We
then provide a systematic study of the problem of computing the optimal leader
policy and draw a relatively complete picture of the complexity landscape;
essentially matching positive and negative complexity results are provided for
natural variants of the model. Our intractability results are in sharp contrast
to the situation with no deception, where the leader's optimal strategy can be
computed in polynomial time, and thus illustrate the intrinsic difficulty of
handling follower deception. Through simulations we also examine the benefit of
considering follower deception in randomly generated games
Stuck in Traffic (SiT) Attacks: A Framework for Identifying Stealthy Attacks that Cause Traffic Congestion
Recent advances in wireless technologies have enabled many new applications
in Intelligent Transportation Systems (ITS) such as collision avoidance,
cooperative driving, congestion avoidance, and traffic optimization. Due to the
vulnerable nature of wireless communication against interference and
intentional jamming, ITS face new challenges to ensure the reliability and the
safety of the overall system. In this paper, we expose a class of stealthy
attacks -- Stuck in Traffic (SiT) attacks -- that aim to cause congestion by
exploiting how drivers make decisions based on smart traffic signs. An attacker
mounting a SiT attack solves a Markov Decision Process problem to find
optimal/suboptimal attack policies in which he/she interferes with a
well-chosen subset of signals that are based on the state of the system. We
apply Approximate Policy Iteration (API) algorithms to derive potent attack
policies. We evaluate their performance on a number of systems and compare them
to other attack policies including random, myopic and DoS attack policies. The
generated policies, albeit suboptimal, are shown to significantly outperform
other attack policies as they maximize the expected cumulative reward from the
standpoint of the attacker
Moving Target Defense Using Live Migration of Docker Containers
abstract: Today the information technology systems have addresses, software stacks and other configuration remaining unchanged for a long period of time. This paves way for malicious attacks in the system from unknown vulnerabilities. The attacker can take advantage of this situation and plan their attacks with sufficient time. To protect our system from this threat, Moving Target Defense is required where the attack surface is dynamically changed, making it difficult to strike.
In this thesis, I incorporate live migration of Docker container using CRIU (checkpoint restore) for moving target defense. There are 460K Dockerized applications, a 3100% growth over 2 years[1]. Over 4 billion containers have been pulled so far from Docker hub. Docker is supported by a large and fast growing community of contributors and users. As an example, there are 125K Docker Meetup members worldwide. As we see industry adapting to Docker rapidly, a moving target defense solution involving containers is beneficial for being robust and fast. A proof of concept implementation is included for studying performance attributes of Docker migration.
The detection of attack is using a scenario involving definitions of normal events on servers. By defining system activities, and extracting syslog in centralized server, attack can be detected via extracting abnormal activates and this detection can be a trigger for the Docker migration.Dissertation/ThesisMasters Thesis Computer Science 201
- …