Dynamic Resilient Network Games with Applications to Multi-Agent Consensus

A cyber security problem in a networked system formulated as a resilient graph problem based on a game-theoretic approach is considered. The connectivity of the underlying graph of the network system is reduced by an attacker who removes some of the edges whereas the defender attempts to recover them. Both players are subject to energy constraints so that their actions are restricted and cannot be performed continuously. For this two-stage game, which is played repeatedly over time, we characterize the optimal strategies for the attacker and the defender in terms of edge connectivity and the number of connected components of the graph. The resilient graph game is then applied to a multi-agent consensus problem. We study how the attacks and the recovery on the edges affect the consensus process. Finally, we also provide numerical simulation to illustrate the results.Comment: 12 pages, 13 figure

Game Theory Meets Network Security and Privacy

This survey provides a structured and comprehensive overview of the research contributions that analyze and solve security and privacy problems in computer networks by game-theoretic approaches. A selected set of works are presented to highlight the application of game theory in order to address different forms of security and privacy problems in computer networks and mobile applications. The presented works are classified into six main categories based on their topics: security of the physical and MAC layers, application layer security in mobile networks, intrusion detection systems, anonymity and privacy, economics of network security, and cryptography. In each category, security problems, players, and game models are identified and the main results of selected works, such as equilibrium analysis and security mechanism designs are summarized. In addition, a discussion on advantages, drawbacks, and the future direction of using game theory in this field is provided. In this survey, we aim to provide a better understanding of the different research approaches for applying game theory to network security. This survey can also help researchers from various fields develop game-theoretic solutions to current and emerging security problems in computer networking

Dynamic Quantized Consensus of General Linear Multi-agent Systems under Denial-of-Service Attacks

In this paper, we study multi-agent consensus problems under Denial-of-Service (DoS) attacks with data rate constraints. We first consider the leaderless consensus problem and after that we briefly present the analysis of leader-follower consensus. The dynamics of the agents take general forms modeled as homogeneous linear time-invariant systems. In our analysis, we derive lower bounds on the data rate for the multi-agent systems to achieve leaderless and leader-follower consensus in the presence of DoS attacks, under which the issue of overflow of quantizer is prevented. The main contribution of the paper is the characterization of the trade-off between the tolerable DoS attack levels for leaderless and leader-follower consensus and the required data rates for the quantizers during the communication attempts among the agents. To mitigate the influence of DoS attacks, we employ dynamic quantization with zooming-in and zooming-out capabilities for avoiding quantizer saturation

Data-centric trust in ephemeral networks

New network types require new security concepts. Surprisingly, trust – the ultimate goal of security – has not evolved as much as other concepts. In particular, the traditional notion of building trust in entities seems inadequate in an ephemeral environment where contacts among nodes are often short-lived and non-recurrent. It is actually the trustworthiness of the data that entities generate that matters most in these ephemeral networks. And what makes things more interesting is the continuous "humanization" of devices, by making them reflect more closely their owners' preferences, including the human sense of costs. Hence, in this thesis we study the notion of data-centric trust in an ephemeral network of rational nodes. The definition of a new notion requires specifying the corresponding basis, measures, and raison d'être. In the following chapters, we address these issues. We begin by defining the system and security models of an example ephemeral network, namely a vehicular network. Next, we delve into the subject of revocation in vehicular networks, before creating and analyzing a game-theoretic model of revocation, where the notion of cost-aware devices makes its first appearance in this thesis. This model not only makes possible the comparison of different revocation mechanisms in the literature, but also leads to the design of an optimal solution, the RevoGame protocol. With the security architecture in place, we formally define data-centric trust and compare several mechanisms for evaluating it. Notably, we apply the Dempster-Shafer Theory to cases of high uncertainty. Last but not least, we show that data-centric trust can reduce the privacy loss resulting from the need to establish trust. We first create a model of the trust-privacy tradeoff and then analyze it with game theory, in an environment of privacy-preserving entities. Our analysis shows that proper incentives can achieve this elusive tradeoff

Heterogeneous Multi-Layer Adversarial Network Design for the IoT-Enabled Infrastructures

International audienceThe emerging Internet of Things (IoT) applications that leverage ubiquitous connectivity and big data are facilitating the realization of smart everything initiatives. IoT-enabled infras-tructures can be naturally divided into two layers including the existing infrastructure layer and the underlaid device network. The connectivity between different components in the infrastructure networks plays an important role in delivering real-time information and ensuring a high-level situational awareness. However, IoT-enabled infrastructures face cyber threats due to the wireless nature of communications. Therefore, maintaining the network connectivity in the presence of adversaries is a critical task for the infrastructure network operators. In this paper, we establish a three-player three-stage game-theoretic framework including two network operators and one attacker to capture the secure design of multi-layer infrastructure networks by allocating limited resources. We use subgame perfect Nash equilibrium (SPE) to characterize the strategies of players with sequential moves. In addition, we assess the efficiency of the equilibrium network by comparing with its team optimal solution counterparts in which two network operators can coordinate to design a secure network. We further design a scalable algorithm to construct the equilibrium secure IoT-enabled infrastructure networks. Finally, we use case studies on Internet of Battlefield Things (IoBT) to corroborate the obtained results

Generalized asset integrity games

Generalized assets represent a class of multi-scale adaptive state-transition systems with domain-oblivious performance criteria. The governance of such assets must proceed without exact specifications, objectives, or constraints. Decision making must rapidly scale in the presence of uncertainty, complexity, and intelligent adversaries. This thesis formulates an architecture for generalized asset planning. Assets are modelled as dynamical graph structures which admit topological performance indicators, such as dependability, resilience, and efficiency. These metrics are used to construct robust model configurations. A normalized compression distance (NCD) is computed between a given active/live asset model and a reference configuration to produce an integrity score. The utility derived from the asset is monotonically proportional to this integrity score, which represents the proximity to ideal conditions. The present work considers the situation between an asset manager and an intelligent adversary, who act within a stochastic environment to control the integrity state of the asset. A generalized asset integrity game engine (GAIGE) is developed, which implements anytime algorithms to solve a stochastically perturbed two-player zero-sum game. The resulting planning strategies seek to stabilize deviations from minimax trajectories of the integrity score. Results demonstrate the performance and scalability of the GAIGE. This approach represents a first-step towards domain-oblivious architectures for complex asset governance and anytime planning