A Comprehensive Insight into Game Theory in relevance to Cyber Security

The progressively ubiquitous connectivity in the present information systems pose newer challenges tosecurity. The conventional security mechanisms have come a long way in securing the well-definedobjectives of confidentiality, integrity, authenticity and availability. Nevertheless, with the growth in thesystem complexities and attack sophistication, providing security via traditional means can beunaffordable. A novel theoretical perspective and an innovative approach are thus required forunderstanding security from decision-making and strategic viewpoint. One of the analytical tools whichmay assist the researchers in designing security protocols for computer networks is game theory. Thegame-theoretic concept finds extensive applications in security at different levels, including thecyberspace and is generally categorized under security games. It can be utilized as a robust mathematicaltool for modelling and analyzing contemporary security issues. Game theory offers a natural frameworkfor capturing the defensive as well as adversarial interactions between the defenders and the attackers.Furthermore, defenders can attain a deep understanding of the potential attack threats and the strategiesof attackers by equilibrium evaluation of the security games. In this paper, the concept of game theoryhas been presented, followed by game-theoretic applications in cybersecurity including cryptography.Different types of games, particularly those focused on securing the cyberspace, have been analysed andvaried game-theoretic methodologies including mechanism design theories have been outlined foroffering a modern foundation of the science of cybersecurity

Military and Security Applications: Cybersecurity (Encyclopedia of Optimization, Third Edition)

The domain of cybersecurity is growing as part of broader military and security applications, and the capabilities and processes in this realm have qualities and characteristics that warrant using solution methods in mathematical optimization. Problems of interest may involve continuous or discrete variables, a convex or non-convex decision space, differing levels of uncertainty, and constrained or unconstrained frameworks. Cyberattacks, for example, can be modeled using hierarchical threat structures and may involve decision strategies from both an organization or individual and the adversary. Network traffic flow, intrusion detection and prevention systems, interconnected human-machine interfaces, and automated systems – these all require higher levels of complexity in mathematical optimization modeling and analysis. Attributes such as cyber resiliency, network adaptability, security capability, and information technology flexibility – these require the measurement of multiple characteristics, many of which may involve both quantitative and qualitative interpretations. And for nearly every organization that is invested in some cybersecurity practice, decisions must be made that involve the competing objectives of cost, risk, and performance. As such, mathematical optimization has been widely used and accepted to model important and complex decision problems, providing analytical evidence for helping drive decision outcomes in cybersecurity applications. In the paragraphs that follow, this chapter highlights some of the recent mathematical optimization research in the body of knowledge applied to the cybersecurity space. The subsequent literature discussed fits within a broader cybersecurity domain taxonomy considering the categories of analyze, collect and operate, investigate, operate and maintain, oversee and govern, protect and defend, and securely provision. Further, the paragraphs are structured around generalized mathematical optimization categories to provide a lens to summarize the existing literature, including uncertainty (stochastic programming, robust optimization, etc.), discrete (integer programming, multiobjective, etc.), continuous-unconstrained (nonlinear least squares, etc.), continuous-constrained (global optimization, etc.), and continuous-constrained (nonlinear programming, network optimization, linear programming, etc.). At the conclusion of this chapter, research implications and extensions are offered to the reader that desires to pursue further mathematical optimization research for cybersecurity within a broader military and security applications context

Game Theory Meets Network Security: A Tutorial at ACM CCS

The increasingly pervasive connectivity of today's information systems brings up new challenges to security. Traditional security has accomplished a long way toward protecting well-defined goals such as confidentiality, integrity, availability, and authenticity. However, with the growing sophistication of the attacks and the complexity of the system, the protection using traditional methods could be cost-prohibitive. A new perspective and a new theoretical foundation are needed to understand security from a strategic and decision-making perspective. Game theory provides a natural framework to capture the adversarial and defensive interactions between an attacker and a defender. It provides a quantitative assessment of security, prediction of security outcomes, and a mechanism design tool that can enable security-by-design and reverse the attacker's advantage. This tutorial provides an overview of diverse methodologies from game theory that includes games of incomplete information, dynamic games, mechanism design theory to offer a modern theoretic underpinning of a science of cybersecurity. The tutorial will also discuss open problems and research challenges that the CCS community can address and contribute with an objective to build a multidisciplinary bridge between cybersecurity, economics, game and decision theory

Adaptive Cyber-Defense for Unmanned Aerial Vehicles: A Modular Simulation Model with Dynamic Performance Management

In light of escalating cyber threats, this study tackles the cybersecurity challenges in UAV systems, underscoring the limitations of static defense mechanisms. Traditional security approaches fall short against the sophisticated and evolving nature of cyber-attacks, particularly for UAVs that depend on real-time autonomy. Addressing this deficiency, we introduce an adaptive modular security system tailored for UAVs, enhancing resilience through real-time defensive adaptability. This system integrates scalable, modular components and employs machine learning techniques—specifically, neural networks and anomaly detection algorithm to improve threat prediction and response. Our approach marks a significant leap in UAV cybersecurity, departing from static defenses to a dynamic, context-aware strategy. By employing this system, UAV stakeholders gain the flexibility needed to counteract multifaceted cyber risks in diverse operational scenarios. The paper delves into the system's design and operational efficacy, juxtaposing it with conventional strategies. Experimental evaluations, using varied UAV scenarios, measure defense success rates, computational efficiency, and resource utilization. Findings reveal that our system surpasses traditional models in defense success and computational speed, albeit with a slight increase in resource usage a consideration for deployment in resource-constrained contexts. In closing, this research underscores the imperative for dynamic, adaptable cybersecurity solutions in UAV operations, presenting an innovative and proactive defense framework. It not only illustrates the immediate benefits of such adaptive systems but also paves the way for ongoing enhancements in UAV cyber defense mechanisms

Grammatical Evolution for Detecting Cyberattacks in Internet of Things Environments

The Internet of Things (IoT) is revolutionising nearly every aspect of modern life, playing an ever greater role in both industrial and domestic sectors. The increasing frequency of cyber-incidents is a consequence of the pervasiveness of IoT. Threats are becoming more sophisticated, with attackers using new attacks or modifying existing ones. Security teams must deal with a diverse and complex threat landscape that is constantly evolving. Traditional security solutions cannot protect such sys- tems adequately and so researchers have begun to use Machine Learning algorithms to discover effective defence systems. In this paper, we investigate how one approach from the domain of evolutionary computation - grammatical evolution - can be used to identify cyberattacks in IoT environments. The experiments were conducted on up-to-date datasets and compared with state- of-the-art algorithms. The potential application of evolutionary computation-based approaches to detect unknown attacks is also examined and discusse

A Traffic-Aware Approach for Enabling Unmanned Aerial Vehicles (UAVs) in Smart City Scenarios

In smart cities, vehicular applications require high computation capabilities and low-latency communication. Edge computing offers promising solutions for addressing these requirements because of several features, such as geo-distribution, mobility, low latency, heterogeneity, and support for real-time interactions. To employ network edges, existing fixed roadside units can be equipped with edge computing servers. Nevertheless, there are situations where additional infrastructure units are required to handle temporary high traffic loads during public events, unexpected weather conditions, or extreme traffic congestion. In such cases, the use of flying roadside units are carried by unmanned aerial vehicles (UAVs), which provide the required infrastructure for supporting traffic applications and improving the quality of service. UAVs can be dynamically deployed to act as mobile edges in accordance with traffic events and congestion conditions. The key benefits of this dynamic approach include: 1) the potential for characterizing the environmental requirements online and performing the deployment accordingly, and 2) the ability to move to another location when necessary. We propose a traffic-aware method for enabling the deployment of UAVs in vehicular environments. Simulation results show that our proposed method can achieve full network coverage under different scenarios without extra communication overhead or delay

Deep neural networks in the cloud: Review, applications, challenges and research directions

Deep neural networks (DNNs) are currently being deployed as machine learning technology in a wide range of important real-world applications. DNNs consist of a huge number of parameters that require millions of floating-point operations (FLOPs) to be executed both in learning and prediction modes. A more effective method is to implement DNNs in a cloud computing system equipped with centralized servers and data storage sub-systems with high-speed and high-performance computing capabilities. This paper presents an up-to-date survey on current state-of-the-art deployed DNNs for cloud computing. Various DNN complexities associated with different architectures are presented and discussed alongside the necessities of using cloud computing. We also present an extensive overview of different cloud computing platforms for the deployment of DNNs and discuss them in detail. Moreover, DNN applications already deployed in cloud computing systems are reviewed to demonstrate the advantages of using cloud computing for DNNs. The paper emphasizes the challenges of deploying DNNs in cloud computing systems and provides guidance on enhancing current and new deployments.The EGIA project (KK-2022/00119The Consolidated Research Group MATHMODE (IT1456-22