Game Theory for Cyber Deception: A Tutorial

Deceptive and anti-deceptive technologies have been developed for various specific applications. But there is a significant need for a general, holistic, and quantitative framework of deception. Game theory provides an ideal set of tools to develop such a framework of deception. In particular, game theory captures the strategic and self-interested nature of attackers and defenders in cybersecurity. Additionally, control theory can be used to quantify the physical impact of attack and defense strategies. In this tutorial, we present an overview of game-theoretic models and design mechanisms for deception and counter-deception. The tutorial aims to provide a taxonomy of deception and counter-deception and understand how they can be conceptualized, quantified, and designed or mitigated. This tutorial gives an overview of diverse methodologies from game theory that includes games of incomplete information, dynamic games, mechanism design theory to offer a modern theoretic underpinning of cyberdeception. The tutorial will also discuss open problems and research challenges that the HoTSoS community can address and contribute with an objective to build a multidisciplinary bridge between cybersecurity, economics, game and decision theory.Comment: arXiv admin note: substantial text overlap with arXiv:1808.0806

Cyber Insurance

This chapter will first present a principal-agent game-theoretic model to capture the interactions between one insurer and one user. The insurer is deemed as the principal who does not have incomplete information about user's security policies. The user, which refers to the infrastructure operator or the customer, implements his local protection and pays a premium to the insurer. The insurer designs an incentive compatible insurance mechanism that includes the premium and the coverage policy, while the user determines whether to participate in the insurance and his effort to defend against attacks. The chapter will also focus on an attack-aware cyber insurance model by introducing the adversarial behaviors into the framework. The behavior of an attacker determines the type of cyber threats, e.g. denial of service (DoS) attacks, data breaches, phishing and spoofing. The distinction of threat types plays a role in determining the type of losses and the coverage policies. The data breaches can lead to not only financial losses but also damage of the reputations. The coverage may only cover certain agreed percentage of the financial losses

Differentially Private Collaborative Intrusion Detection Systems For VANETs

Vehicular ad hoc network (VANET) is an enabling technology in modern transportation systems for providing safety and valuable information, and yet vulnerable to a number of attacks from passive eavesdropping to active interfering. Intrusion detection systems (IDSs) are important devices that can mitigate the threats by detecting malicious behaviors. Furthermore, the collaborations among vehicles in VANETs can improve the detection accuracy by communicating their experiences between nodes. To this end, distributed machine learning is a suitable framework for the design of scalable and implementable collaborative detection algorithms over VANETs. One fundamental barrier to collaborative learning is the privacy concern as nodes exchange data among them. A malicious node can obtain sensitive information of other nodes by inferring from the observed data. In this paper, we propose a privacy-preserving machine-learning based collaborative IDS (PML-CIDS) for VANETs. The proposed algorithm employs the alternating direction method of multipliers (ADMM) to a class of empirical risk minimization (ERM) problems and trains a classifier to detect the intrusions in the VANETs. We use the differential privacy to capture the privacy notation of the PML-CIDS and propose a method of dual variable perturbation to provide dynamic differential privacy. We analyze theoretical performance and characterize the fundamental tradeoff between the security and privacy of the PML-CIDS. We also conduct numerical experiments using the NSL-KDD dataset to corroborate the results on the detection accuracy, security-privacy tradeoffs, and design

Quantitative Models of Imperfect Deception in Network Security using Signaling Games with Evidence

Deception plays a critical role in many interactions in communication and network security. Game-theoretic models called "cheap talk signaling games" capture the dynamic and information asymmetric nature of deceptive interactions. But signaling games inherently model undetectable deception. In this paper, we investigate a model of signaling games in which the receiver can detect deception with some probability. This model nests traditional signaling games and complete information Stackelberg games as special cases. We present the pure strategy perfect Bayesian Nash equilibria of the game. Then we illustrate these analytical results with an application to active network defense. The presence of evidence forces majority-truthful behavior and eliminates some pure strategy equilibria. It always benefits the deceived player, but surprisingly sometimes also benefits the deceiving player.Comment: IEEE Communications and Network Security (IEEE CNS) 201

A Game-Theoretic Framework for Resilient and Distributed Generation Control of Renewable Energies in Microgrids

The integration of microgrids that depend on the renewable distributed energy resources with the current power systems is a critical issue in the smart grid. In this paper, we propose a non-cooperative game-theoretic framework to study the strategic behavior of distributed microgrids that generate renewable energies and characterize the power generation solutions by using the Nash equilibrium concept. Our framework not only incorporates economic factors but also takes into account the stability and efficiency of the microgrids, including the power flow constraints and voltage angle regulations. We develop two decentralized update schemes for microgrids and show their convergence to a unique Nash equilibrium. Also, we propose a novel fully distributed PMU-enabled algorithm which only needs the information of voltage angle at the bus. To show the resiliency of the distributed algorithm, we introduce two failure models of the smart grid. Case studies based on the IEEE 14-bus system are used to corroborate the effectiveness and resiliency of the proposed algorithms.Comment: 11 pages; This paper has been accepted to publish in IEEE Transactions on Smart Grid. This is the final versio

A Mean-Field Stackelberg Game Approach for Obfuscation Adoption in Empirical Risk Minimization

Data ecosystems are becoming larger and more complex due to online tracking, wearable computing, and the Internet of Things. But privacy concerns are threatening to erode the potential benefits of these systems. Recently, users have developed obfuscation techniques that issue fake search engine queries, undermine location tracking algorithms, or evade government surveillance. Interestingly, these techniques raise two conflicts: one between each user and the machine learning algorithms which track the users, and one between the users themselves. In this paper, we use game theory to capture the first conflict with a Stackelberg game and the second conflict with a mean field game. We combine both into a dynamic and strategic bi-level framework which quantifies accuracy using empirical risk minimization and privacy using differential privacy. In equilibrium, we identify necessary and sufficient conditions under which 1) each user is incentivized to obfuscate if other users are obfuscating, 2) the tracking algorithm can avoid this by promising a level of privacy protection, and 3) this promise is incentive-compatible for the tracking algorithm.Comment: IEEE Global SIP Symposium on Control & Information Theoretic Approaches to Privacy and Securit

Consensus-based Distributed Discrete Optimal Transport for Decentralized Resource Matching

Optimal transport has been used extensively in resource matching to promote the efficiency of resources usages by matching sources to targets. However, it requires a significant amount of computations and storage spaces for large-scale problems. In this paper, we take a consensus-based approach to decentralize discrete optimal transport problems and develop fully distributed algorithms with alternating direction method of multipliers. We show that our algorithms guarantee certain levels of efficiency and privacy besides the distributed nature. We further derive primal and dual algorithms by exploring the primal and dual problems of discrete optimal transport with linear utility functions and prove the equivalence between them. We verify the convergence, online adaptability, and the equivalence between the primal algorithm and the dual algorithm with numerical experiments. Our algorithms reflect the bargaining between sources and targets on the amounts and prices of transferred resources and reveal an averaging principle which can be used to regulate resource markets and improve resource efficiency

Proactive Defense Against Physical Denial of Service Attacks using Poisson Signaling Games

While the Internet of things (IoT) promises to improve areas such as energy efficiency, health care, and transportation, it is highly vulnerable to cyberattacks. In particular, distributed denial-of-service (DDoS) attacks overload the bandwidth of a server. But many IoT devices form part of cyber-physical systems (CPS). Therefore, they can be used to launch "physical" denial-of-service attacks (PDoS) in which IoT devices overflow the "physical bandwidth" of a CPS. In this paper, we quantify the population-based risk to a group of IoT devices targeted by malware for a PDoS attack. In order to model the recruitment of bots, we develop a "Poisson signaling game," a signaling game with an unknown number of receivers, which have varying abilities to detect deception. Then we use a version of this game to analyze two mechanisms (legal and economic) to deter botnet recruitment. Equilibrium results indicate that 1) defenders can bound botnet activity, and 2) legislating a minimum level of security has only a limited effect, while incentivizing active defense can decrease botnet activity arbitrarily. This work provides a quantitative foundation for proactive PDoS defense.Comment: 2017 Conference on Decision and Game Theory for Security (GameSec2017). arXiv admin note: text overlap with arXiv:1703.0523

Dynamic Privacy For Distributed Machine Learning Over Network

Privacy-preserving distributed machine learning becomes increasingly important due to the recent rapid growth of data. This paper focuses on a class of regularized empirical risk minimization (ERM) machine learning problems, and develops two methods to provide differential privacy to distributed learning algorithms over a network. We first decentralize the learning algorithm using the alternating direction method of multipliers (ADMM), and propose the methods of dual variable perturbation and primal variable perturbation to provide dynamic differential privacy. The two mechanisms lead to algorithms that can provide privacy guarantees under mild conditions of the convexity and differentiability of the loss function and the regularizer. We study the performance of the algorithms, and show that the dual variable perturbation outperforms its primal counterpart. To design an optimal privacy mechanisms, we analyze the fundamental tradeoff between privacy and accuracy, and provide guidelines to choose privacy parameters. Numerical experiments using customer information database are performed to corroborate the results on privacy and utility tradeoffs and design.Comment: 15 pages, 5 figures Corrected typos. Revised argument in section 3, 4, and Appendix, results unchange

Enabling Differentiated Services Using Generalized Power Control Model in Optical Networks

This paper considers a generalized framework to study OSNR optimization-based end-to-end link level power control problems in optical networks. We combine favorable features of game-theoretical approach and central cost approach to allow different service groups within the network. We develop solutions concepts for both cases of empty and nonempty feasible sets. In addition, we derive and prove the convergence of a distributed iterative algorithm for different classes of users. In the end, we use numerical examples to illustrate the novel framework