Game Theoretic Security 2015

 

Game theory has historically been the province of social sciences such as economics, political science, and psychology. Game theory has developed into an umbrella term for the logical side of science that includes both human and non-human actors like computers. It has been used extensively in wireless networks research to develop understanding of stable operation points for networks made of autonomous/selfish nodes. The nodes are considered as the players. Utility functions are often chosen to correspond to achieved connection rate or similar technical metrics. In security, the computer game framework is used to anticipate and analyze intruder and administrator concurrent interactions within the network. Research cited here was presented in 2015.

---

L. Tom, “Game-Theoretic Approach Towards Network Security: A Review,” Circuit, Power and Computing Technologies (ICCPCT), 2015 International Conference on, Nagercoil, 2015, pp. 1-4. doi: 10.1109/ICCPCT.2015.7159364

Abstract: Advancements in information technology has increased the use of internet. With the pervasiveness of internet, network security has become critical issue in every organization. Network attacks results in massive amount of loss in terms of money, reputation and data confidentiality. Reducing or eliminating the negative effects of any intrusion is a fundamental issue of network security. The network security problem can be represented as a game between the attacker or intruder and the network administrator where both the players try to attain maximum outcome. The network administrator tries to defend the attack and the attacker tries to overcome it and attack the system. Thus network security can be enforced using game theoretic approach. This paper presents a review of game theoretic solutions developed for network security.

Keywords: Internet; game theory; information technology; security of data; ubiquitous computing; game-theoretic approach; network administration; network security; pervasiveness; Communication networks; Computational modeling; Games; Intrusion detection; Nash equilibrium; attack defence (ID#: 16-11069)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7159364&isnumber=7159156

 

D. K. Tosh, S. Sengupta, S. Mukhopadhyay, C. A. Kamhoua and K. A. Kwiat, “Game Theoretic Modeling to Enforce Security Information Sharing Among Firms,” Cyber Security and Cloud Computing (CSCloud), 2015 IEEE 2nd International Conference on, New York, NY, 2015, pp. 7-12. doi: 10.1109/CSCloud.2015.81

Abstract: Robust CYBersecurity information EXchange (CYBEX) infrastructure is envisioned to protect the firms from future cyber attacks via collaborative threat intelligence sharing, which might be difficult to achieve via sole effort. The executive order from the U. S. federal government clearly encourages the firms to share their cybersecurity breach and patch related information among other federal and private firms for strengthening their as well as nation's security infrastructure. In this paper, we present a game theoretic framework to investigate the economic benefits of cyber-threat information sharing and analyze the impacts and consequences of not participating in the game of information exchange. We model the information exchange framework as distributed non-cooperative game among the firms and investigate the implications of information sharing and security investments. The proposed incentive model ensures and self-enforces the firms to share their breach information truthfully for maximization of its gross utility. Theoretical analysis of the incentive framework has been conducted to find the conditions under which firms' net benefit for sharing security information and investment can be maximized. Numerical results verify that the proposed model promotes such sharing, which helps to relieve their total security technology investment too.

Keywords: business data processing; electronic data interchange; game theory; security of data; breach information; cyber-threat information sharing; distributed noncooperative game; firms net benefit; game theoretic framework; gross utility; incentive model; information exchange framework; security information sharing; security investments; Computer security; Games; Information exchange; Information management; Investment; Numerical models; CYBEX; Cyber-threat intelligence; Game theory (ID#: 16-11070)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7371431&isnumber=7371418

 

R. K. Abercrombie and F. T. Sheldon, “Security Analysis of Smart Grid Cyber Physical Infrastructures Using Game Theoretic Simulation,” Computational Intelligence, 2015 IEEE Symposium Series on, Cape Town, 2015, pp. 455-462. doi: 10.1109/SSCI.2015.74

Abstract: Cyber physical computing infrastructures typically consist of a number of interconnected sites including both cyber and physical components. In this analysis we studied the various types and frequency of attacks that may be levied on smart grid cyber physical systems. Our information security analysis utilized a dynamic Agent Based Game Theoretic (ABGT) simulation. Such simulations can be verified using a closed form game theory analytic approach to explore larger scale, real world scenarios involving multiple attackers, defenders, and information assets. We concentrated our study on the electric sector failure scenarios from the NESCOR Working Group Study. We extracted four generic failure scenarios and grouped them into three specific threat categories (confidentiality, integrity, and availability) to the system. These specific failure scenarios serve as a demonstration of our simulation. The analysis using our ABGT simulation demonstrates how to model the electric sector functional domain using a set of rationalized game theoretic rules decomposed from the failure scenarios in terms of how those scenarios might impact the cyber physical infrastructure network with respect to CIA.

Keywords: cyber-physical systems; game theory; power engineering computing; power system security; security of data; smart power grids; ABGT simulation; agent based game theoretic simulation; closed form game theory analytic approach; electric sector failure; electric sector functional domain; information assets; information security analysis; rationalized game theoretic rules; security analysis; smart grid cyber physical computing infrastructures; Analytical models; Computer security; Control systems; Games; Government; Smart grids (ID#: 16-11071)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7376647&isnumber=7376572

 

L. Kwiat, C. A. Kamhoua, K. A. Kwiat, J. Tang and A. Martin, “Security-Aware Virtual Machine Allocation in the Cloud: A Game Theoretic Approach,” Cloud Computing (CLOUD), 2015 IEEE 8th International Conference on, New York City, NY, 2015, pp. 556-563. doi: 10.1109/CLOUD.2015.80

Abstract: With the growth of cloud computing, many businesses, both small and large, are opting to use cloud services compelled by a great cost savings potential. This is especially true of public cloud computing which allows for quick, dynamic scalability without many overhead or long-term commitments. However, one of the largest dissuasions from using cloud services comes from the inherent and unknown danger of a shared platform such as the hyper visor. An attacker can attack a virtual machine (VM) and then go on to compromise the hyper visor. If successful, then all virtual machines on that hyper visor can become compromised. This is the problem of negative externalities, where the security of one player affects the security of another. This work shows that there are multiple Nash equilibria for the public cloud security game. It also demonstrates that we can allow the players' Nash equilibrium profile to not be dependent on the probability that the hyper visor is compromised, reducing the factor externality plays in calculating the equilibrium. Finally, by using our allocation method, the negative externality imposed onto other players can be brought to a minimum compared to other common VM allocation methods.

Keywords: cloud computing; game theory; probability; security of data; virtual machines; cloud services; game theoretic approach; multiple Nash equilibria; negative externality; public cloud computing; public cloud security game; security-aware virtual machine allocation method; Cloud computing; Games; Nash equilibrium; Resource management; Security; Virtual machine monitors; Virtual machining; Cloud Computing; cyber security; externality; virtual machine allocation (ID#: 16-11072)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7214090&isnumber=7212169

 

P. Aggarwal, Z. Maqbool, A. Grover, V. S. C. Pammi, S. Singh and V. Dutt, “Cyber Security: A Game-Theoretic Analysis of Defender and Attacker Strategies in Defacing-Website Games,” Cyber Situational Awareness, Data Analytics and Assessment (CyberSA), 2015 International Conference on, London, 2015, pp. 1-8. doi: 10.1109/CyberSA.2015.7166127

Abstract: The rate at which cyber-attacks are increasing globally portrays a terrifying picture upfront. The main dynamics of such attacks could be studied in terms of the actions of attackers and defenders in a cyber-security game. However currently little research has taken place to study such interactions. In this paper we use behavioral game theory and try to investigate the role of certain actions taken by attackers and defenders in a simulated cyber-attack scenario of defacing a website. We choose a Reinforcement Learning (RL) model to represent a simulated attacker and a defender in a 2×4 cyber-security game where each of the 2 players could take up to 4 actions. A pair of model participants were computationally simulated across 1000 simulations where each pair played at most 30 rounds in the game. The goal of the attacker was to deface the website and the goal of the defender was to prevent the attacker from doing so. Our results show that the actions taken by both the attackers and defenders are a function of attention paid by these roles to their recently obtained outcomes. It was observed that if attacker pays more attention to recent outcomes then he is more likely to perform attack actions. We discuss the implication of our results on the evolution of dynamics between attackers and defenders in cyber-security games.

Keywords: Web sites; computer crime; computer games; game theory; learning (artificial intelligence); RL model; attacker strategies; attacks dynamics; behavioral game theory; cyber-attacks; cyber-security game; defacing Website games; defender strategies; game-theoretic analysis; reinforcement learning; Cognitive science; Computational modeling; Computer security; Cost function; Games; Probabilistic logic; attacker; cognitive modeling; cyber security; defender; reinforcement-learning model (ID#: 16-11073)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7166127&isnumber=7166109

 

G. Rontidis, E. Panaousis, A. Laszka, T. Dagiuklas, P. Malacaria and T. Alpcan, “A Game-Theoretic Approach for Minimizing Security Risks in the Internet-of-Things,” Communication Workshop (ICCW), 2015 IEEE International Conference on, London, 2015, pp. 2639-2644. doi: 10.1109/ICCW.2015.7247577

Abstract: In the Internet-of-Things (IoT), users might share part of their data with different IoT prosumers, which offer applications or services. Within this open environment, the existence of an adversary introduces security risks. These can be related, for instance, to the theft of user data, and they vary depending on the security controls that each IoT prosumer has put in place. To minimize such risks, users might seek an “optimal” set of prosumers. However, assuming the adversary has the same information as the users about the existing security measures, he can then devise which prosumers will be preferable (e.g., with the highest security levels) and attack them more intensively. This paper proposes a decision-support approach that minimizes security risks in the above scenario. We propose a non-cooperative, two-player game entitled Prosumers Selection Game (PSG). The Nash Equilibria of PSG determine subsets of prosumers that optimize users' payoffs. We refer to any game solution as the Nash Prosumers Selection (NPS), which is a vector of probabilities over subsets of prosumers. We show that when using NPS, a user faces the least expected damages. Additionally, we show that according to NPS every prosumer, even the least secure one, is selected with some non-zero probability. We have also performed simulations to compare NPS against two different heuristic selection algorithms. The former is proven to be approximately 38% more effective in terms of security-risk mitigation.

Keywords: Internet of Things; game theory; security of data; Nash equilibrium; Nash prosumers selection; decision support; noncooperative game; optimal prosumer set; prosumers selection Game; security risk minimization; two player game; user data theft; Cascading style sheets; Conferences; Game theory; Games; Internet of things; Security; Silicon (ID#: 16-11074)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7247577&isnumber=7247062

 

M. Ghorbani and M. R. Hashemi, “Networked IDS Configuration in Heterogeneous Networks — A Game Theory Approach,” Electrical Engineering (ICEE), 2015 23rd Iranian Conference on, Tehran, 2015, pp. 1000-1005. doi: 10.1109/IranianCEE.2015.7146357

Abstract: Intrusion Detection Systems (IDSs) are an essential component of any network security architecture. Their importance is emphasized in today's heterogeneous and complex networks, where a variety of network assets are constantly subject to a large number of attacks. As the network traffic increases, the importance of proper IDS configuration is reinforced. For instance, the larger the number of detection libraries are, the larger number of attacks is expected to be detected. A larger number of libraries implies that the computational complexity is increased, which may reduce system performance. There is always a tradeoff between security enforcement level and system performance. Many papers in the literature have exploited Game theory to address this problem by including different factors in their proposed models. In this paper, we propose a game theoretic approach to determine the networked IDS configuration in heterogeneous networks. We utilize a more efficient way to tune IDS configuration, including library selection, based on the type and value of protected network assets; the interdependencies between assets are considered in the model. Unlike most existing methods, in the proposed game model the impact of each particular attack is considered to be different for each asset. The problem has been modeled as a non-cooperative multi-person nonzero-sum stochastic game. The existence of stationary Nash equilibrium for this game has been demonstrated.

Keywords: computational complexity; computer network security; game theory; stochastic processes; telecommunication traffic; complex networks; detection libraries; game model; game theory approach; heterogeneous networks; intrusion detection systems; library selection; network assets; network security architecture; network traffic; networked IDS configuration; noncooperative multiperson nonzero-sum stochastic game; security enforcement level; stationary Nash equilibrium; Conferences; Decision support systems; Electrical engineering; IDS; Nash equilibrium; Network Security; Stochastic Games (ID#: 16-11075)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7146357&isnumber=7146167

 

S. Wei et al., “On Effectiveness of Game Theoretic Modeling and Analysis Against Cyber Threats for Avionic Systems,” Digital Avionics Systems Conference (DASC), 2015 IEEE/AIAA 34th, Prague, 2015, pp. 4B2-1-4B2-13. doi: 10.1109/DASC.2015.7311417

Abstract: Cyber-attack defense requires network security situation awareness through distributed collaborative monitoring, detection, and mitigation. An issue of developing and demonstrating innovative and effective situational awareness techniques for avionics has increased in importance in the last decade. In this paper, we first conducted a game theoretical based modeling and analysis to study the interaction between an adversary and a defender. We then introduced the implementation of game-theoretic analysis on an Avionics Sensor-based Defense System (ASDS), which consists of distributed passive and active network sensors. A trade-off between defense and attack strategy was studied via existing tools for game theory (Gambit). To further enhance the defense and mitigate attacks, we designed and implemented a multi-functional web display to integrate the game theocratic analysis. Our simulation validates that the game theoretical modeling and analysis can help the Avionics Sensor-based Defense System (ASDS) adapt detection and response strategies to efficiently and dynamically deal with various cyber threats.

Keywords: aerospace computing; avionics; distributed sensors; game theory; security of data; ASDS; Gambit; active network sensors; avionic systems; avionics sensor-based defense system; cyber threats; cyber-attack defense; distributed collaborative detection; distributed collaborative mitigation; distributed collaborative monitoring; distributed passive network sensors; game theoretic modeling; multifunctional Web display; network security situation awareness techniques; Monitoring (ID#: 16-11076)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7311417&isnumber=7311321

 

L. Luu, R. Saha, I. Parameshwaran, P. Saxena and A. Hobor, “On Power Splitting Games in Distributed Computation: The Case of Bitcoin Pooled Mining,” Computer Security Foundations Symposium (CSF), 2015 IEEE 28th, Verona, 2015, pp. 397-411. doi: 10.1109/CSF.2015.34

Abstract: Several new services incentivize clients to compete in solving large computation tasks in exchange for financial rewards. This model of competitive distributed computation enables every user connected to the Internet to participate in a game in which he splits his computational power among a set of competing pools -- the game is called a computational power splitting game. We formally model this game and show its utility in analyzing the security of pool protocols that dictate how financial rewards are shared among the members of a pool. As a case study, we analyze the Bitcoin crypto currency which attracts computing power roughly equivalent to billions of desktop machines, over 70% of which is organized into public pools. We show that existing pool reward sharing protocols are insecure in our game-theoretic analysis under an attack strategy called the “block withholding attack”. This attack is a topic of debate, initially thought to be ill-incentivized in today's pool protocols: i.e., causing a net loss to the attacker, and later argued to be always profitable. Our analysis shows that the attack is always well-incentivized in the long-run, but may not be so for a short duration. This implies that existing pool protocols are insecure, and if the attack is conducted systematically, Bitcoin pools could lose millions of dollars’ worth in months. The equilibrium state is a mixed strategy -- that is -- in equilibrium all clients are incentivized to probabilistically attack to maximize their payoffs rather than participate honestly. As a result, the Bitcoin network is incentivized to waste a part of its resources simply to compete.

Keywords: cryptographic protocols; data mining; electronic money; game theory; Bitcoin crypto currency; Bitcoin network; Bitcoin pool; Internet; attack strategy; bitcoin pooled mining; block withholding attack; competitive distributed computation; computational power splitting game; desktop machine; financial reward; game-theoretic analysis; mixed strategy; pool protocol; public pool; Analytical models; Computational modeling; Cryptography; Games; Online banking; Protocols; Bitcoin; Cryptocurrency; Distributed computation (ID#: 16-11077)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7243747&isnumber=7243713

 

A. Al-Talabani, A. Nallanathan and H. X. Nguyen, “Enhancing Secrecy Rate in Cognitive Radio via Game Theory,” 2015 IEEE Global Communications Conference (GLOBECOM), San Diego, CA, 2015, pp. 1-6. doi: 10.1109/GLOCOM.2015.7417698

Abstract: This paper investigates the game theory based cooperation method to optimize the PHY security in both primary and secondary transmissions of a cognitive radio network (CRN) that include a primary transmitter (PT), a primary receiver (PR), a secondary transmitter (ST), a secondary receiver (SR) and an eavesdropper (ED). In CRNs, the primary terminals may decide to lease its own given bandwidth for a fraction of time to the secondary nodes in exchange for appropriate remuneration. We consider the ST as a trusted relay for primary transmission in the presence of the ED. The ST forwards the source message in a decode-and-forward (DF) fashion and, at the same time, allows part of its available power to be used to transmit an artificial noise (i.e., jamming signal) to enhance secrecy rates and avoid the employment of a separate jammer. In order to allocate power between message and jamming signals, we formulate and solve optimization problem of maximizing the primary secrecy rate (PSR) and secondary secrecy rate (SSR). We then analyse the cooperation between the primary and secondary transmitters from a game-theoretic perspective, where we model their interaction as a Stackelberg game. Finally, we apply numerical examples to illustrate the impact of the Stackelberg game on the achievable PSR and SSR. It shows that spectrum leasing based on trading secondary access for cooperation by means of relay and jammer is a promising framework for enhancing secrecy rate in cognitive radio.

Keywords: cognitive radio; decode and forward communication; game theory; jamming; optimisation; radio receivers; radio spectrum management; radio transmitters; CRN primary transmission; CRN secondary transmission; DF fashion; PHY security optimization; Stackelberg game theory; cognitive radio network; decode-and-forward fashion; eavesdropper; jammer employment; optimization problem; primary receiver; primary secrecy rate; primary transmitter; secondary receiver; secondary secrecy rate; secondary transmitter; secrecy rate enhancement; source message forwarding; spectrum leasing; Games; Jamming; Optimization; Radio transmitters; Receivers; Relays; Security (ID#: 16-11078)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7417698&isnumber=7416057

 

R. Muthukkumar, D. Manimegalai and A. Siva Santhiya, “Game-Theoretic Approach to Detect Selfish Attacker in Cognitive Radio Ad-Hoc Networks,” Signal Processing, Communication and Networking (ICSCN), 2015 3rd International Conference on, Chennai, 2015, pp. 1-5. doi: 10.1109/ICSCN.2015.7219888

Abstract: In wireless communication, spectrum resources are utilized by authorities in particular fields. Most of the elements in spectrum are idle. Cognitive radio is a promising technique for allocating the idle spectrum into unlicensed users. Security shortage is a major challenging issue in cognitive radio ad-hoc networks (CRAHNs) that makes performance degradation on spectrum sensing and sharing. A selfish user pre-occupies the accessible bandwidth for their prospect usage and prohibits the progress secondary users whose makes the requirement for spectrum utility. Game theoretic model is proposed to detect the selfish attacker in CRAHNs. Channel state information (CSI) is considered to inform each user's channel handing information. The two strategy of Nash Equilibrium game model such as pure and mixed strategy for secondary users (SUs) and selfish secondary users (SSUs) are investigated and the selfish attacker is detected. Moreover a novel belief updating system is also proposed to the secondary users for knowing the CSI of the primary user. A simulation result shows that, game theoretic model is achieved to increase the detection rate of selfish attackers.

Keywords: cognitive radio; game theory; radio spectrum management; Nash Equilibrium game model; channel state information; cognitive radio ad-hoc networks; game-theoretic approach; security shortage; selfish attacker; selfish secondary users; spectrum resources; spectrum sensing; spectrum sharing; Ad hoc networks; Cognitive radio; Games; Nash equilibrium; Security; Sensors; Channel state information; Cognitive Radio; Game theoretical model (ID#: 16-11079)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7219888&isnumber=7219823

 

M. H. R. Khouzani, P. Mardziel, C. Cid and M. Srivatsa, “Picking vs. Guessing Secrets: A Game-Theoretic Analysis,” Computer Security Foundations Symposium (CSF), 2015 IEEE 28th, Verona, 2015, pp. 243-257. doi: 10.1109/CSF.2015.24

Abstract: Choosing a hard-to-guess secret is a prerequisite in many security applications. Whether it is a password for user authentication or a secret key for a cryptographic primitive, picking it requires the user to trade-off usability costs with resistance against an adversary: a simple password is easier to remember but is also easier to guess, likewise, a shorter cryptographic key may require fewer computational and storage resources but it is also easier to attack. A fundamental question is how one can optimally resolve this trade-off. A big challenge is the fact that an adversary can also utilize the knowledge of such usability vs. security trade-offs to strengthen its attack. In this paper, we propose a game-theoretic framework for analyzing the optimal trade-offs in the face of strategic adversaries. We consider two types of adversaries: those limited in their number of tries, and those that are ruled by the cost of making individual guesses. For each type, we derive the mutually-optimal decisions as Nash Equilibria, the strategically pessimistic decisions as maximin, and optimal commitments as Strong Stackelberg Equilibria of the game. We establish that when the adversaries are faced with a capped number of guesses, the user's optimal trade-off is a uniform randomization over a subset of the secret domain. On the other hand, when the attacker strategy is ruled by the cost of making individual guesses, Nash Equilibria may completely fail to provide the user with any level of security, signifying the crucial role of credible commitment for such cases. We illustrate our results using numerical examples based on real-world samples and discuss some policy implications of our work.

Keywords: game theory; message authentication; private key cryptography; Nash equilibria; attacker strategy; cryptographic key; cryptographic primitive; game-theoretic analysis; maximin; mutually-optimal decisions; optimal commitments; password; pessimistic decisions; secret guessing; secret key; secret picking; security applications; strategic adversaries; strong Stackelberg equilibria; uniform randomization; usability costs; user authentication; Authentication; Cryptography; Dictionaries; Games; Probability distribution; Usability; Attacker-Defender Games; Decision Theory; Game Theory; Maximin; Nash Equilibrium; Password Attacks; Strong Stackelberg Equilibrium; Usability-Security Trade-off (ID#: 16-11080)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7243737&isnumber=7243713

 

L. Wei, A. H. Moghadasi, A. Sundararajan and A. I. Sarwat, “Defending Mechanisms for Protecting Power Systems Against Intelligent Attacks,” System of Systems Engineering Conference (SoSE), 2015 10th, San Antonio, TX, 2015, pp. 12-17. doi: 10.1109/SYSOSE.2015.7151941

Abstract: The power system forms the backbone of a modern society, and its security is of paramount importance to nation's economy. However, the power system is vulnerable to intelligent attacks by attackers who have enough knowledge of how the power system is operated, monitored and controlled. This paper proposes a game theoretic approach to explore and evaluate strategies for the defender to protect the power systems against such intelligent attacks. First, a risk assessment is presented to quantify the physical impacts inflicted by attacks. Based upon the results of the risk assessment, this paper represents the interactions between the attacker and the defender by extending the current zero-sum game model to more generalized game models for diverse assumptions concerning the attacker's motivation. The attacker and defender's equilibrium strategies are attained by solving these game models. In addition, a numerical illustration is demonstrated to warrant the theoretical outcomes.

Keywords: game theory; power system protection; defending mechanisms; generalized game models; intelligent attacks; risk assessment; zero-sum game model; Games; Load modeling; Nash equilibrium; Numerical models; Power systems; Power system security (ID#: 16-11081)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7151941&isnumber=7151900

 

M. Emami-Taba, M. Amoui and L. Tahvildari, “Strategy-Aware Mitigation Using Markov Games for Dynamic Application-Layer Attacks,” High Assurance Systems Engineering (HASE), 2015 IEEE 16th International Symposium on, Daytona Beach Shores, FL, 2015, pp. 134-141. doi: 10.1109/HASE.2015.28

Abstract: Targeted and destructive natures of strategies used by attackers to break down the system require mitigation approaches with dynamic awareness. In the domain of adaptive software security, the adaptation manager of a self-protecting software is responsible for selecting countermeasures to prevent or mitigate attacks immediately. Making a right decision in each and every situation is one of the most challenging aspects of engineering self-protecting software systems. Inspired by the game theory, in this research work, we model the interactions between the attacker and the adaptation manager as a two-player zero-sum Markov game. Using this game-theoretic approach, the adaptation manager can refine its strategies in dynamic attack scenarios by utilizing what has learned from the system's and adversary's actions. We also present how this approach can be fitted to the well-known MAPE-K architecture model. As a proof of concept, this research conducts a study on a case of dynamic application-layer denial of service attacks. The simulation results demonstrate how our approach performs while encountering different attack strategies.

Keywords: Markov processes; game theory; security of data; MAPE-K architecture model; adaptation manager; adaptive software security domain; application-layer denial of service attacks; attack strategy; dynamic application-layer attacks; dynamic attack scenario; game-theoretic approach; self-protecting software systems; strategy-aware mitigation approach; two-player zero-sum Markov game; Adaptation models; Computer crime; Game theory; Games;  Adaptive Security; Dynamic Application-Layer Attacks; Game Theory; Markov Games (ID#: 16-11082)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7027424&isnumber=7027398

 

S. Nardi, C. Della Santina, D. Meucci and L. Pallottino, “Coordination of Unmanned Marine Vehicles for Asymmetric Threats Protection,” OCEANS 2015 - Genova, Genoa, 2015, pp. 1-7. doi: 10.1109/OCEANS-Genova.2015.7271413

Abstract: A coordination protocol for systems of unmanned marine vehicles is proposed for protection against asymmetric threats. The problem is first modelled in a game theoretic framework, as a potential game. Then an extension of existing learning algorithms is proposed to address the problem of tracking the possibly moving threat. The approach is evaluated in scenarios of different geometric complexity such as open sea, bay, and harbours. Performance of the approach is evaluated in terms of a security index that will allow us to obtain a tool for team sizing. The tool provides the minimum number of marine vehicles to be used in the system, given a desired security level to be guaranteed and the maximum threat velocity.

Keywords: autonomous underwater vehicles; game theory; learning (artificial intelligence); oceanographic techniques; protocols; security; asymmetric threat protection; coordination protocol; game theoretic framework; geometric complexity; learning algorithm; maximum threat velocity; security index; unmanned marine vehicle coordination; Games; Heuristic algorithms; Monitoring; Robot kinematics; Robot sensing systems (ID#: 16-11083)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7271413&isnumber=7271237

 

C. A. Kamhoua, A. Ruan, A. Martin and K. A. Kwiat, “On the Feasibility of an Open-Implementation Cloud Infrastructure: A Game Theoretic Analysis,” 2015 IEEE/ACM 8th International Conference on Utility and Cloud Computing (UCC), Limassol, 2015,

pp. 217-226. doi: 10.1109/UCC.2015.38

Abstract: Trusting a cloud infrastructure is a hard problem, which urgently needs effective solutions. There are increasing demands for switching to the cloud in the sectors of financial, healthcare, or government etc., where data security protections are among the highest priorities. But most of them are left unsatisfied, due to the current cloud infrastructures' lack of provable trustworthiness. Trusted Computing (TC) technologies implement effective mechanisms for attesting to the genuine behaviors of a software platform. Integrating TC with cloud infrastructure shows a promising method for verifying the cloud's behaviors, which may in turn facilitate provable trustworthiness. However, the side effect of TC also brings concerns: exhibiting genuine behaviors might attract targeted attacks. Consequently, current Trusted Cloud proposals only integrate limited TC capabilities, which hampers the effective and practical trust establishment. In this paper, we aim to justify the benefits of a fully Open-Implementation cloud infrastructure, which means that the cloud's implementation and configuration details can be inspected by both the legitimate and malicious cloud users. We applied game theoretic analysis to discover the new dynamics formed between the Cloud Service Provider (CSP) and cloud users, when the Open-Implementation strategy is introduced. We conclude that, even though Open-Implementation cloud may facilitate attacks, vulnerabilities or misconfiguration are easier to discover, which in turn reduces the total security threats. Also, cyber threat monitoring and sharing are made easier in an Open-Implementation cloud. More importantly, the cloud's provable trustworthiness will attract more legitimate users, which increases CSP's revenue and helps lowering the price. This eventually creates a virtuous cycle, which will benefit both the CSP and legitimate users.

Keywords: cloud computing; game theory; open systems; security of data; trusted computing; CSP revenue; TC technologies; cloud details; cloud service provider; cloud trustworthiness; cyber threat monitoring; data security protections; fully open-implementation cloud infrastructure; game theoretic analysis; legitimate cloud users; malicious cloud users; open-implementation cloud; open-implementation cloud strategy; software platform; total security threats; trusted computing technologies; Cloud computing; Computational modeling; Games; Hardware; Security; Virtual machine monitors; Cloud Computing; Game Analysis; Trusted Computing (ID#: 16-11084)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7431413&isnumber=7431374

 

Z. Wang, J. Wu, G. Cheng and Y. Jiang, “Mutine: A Mutable Virtual Network Embedding with Game-Theoretic Stochastic Routing,” 2015 IEEE Global Communications Conference (GLOBECOM), San Diego, CA, 2015, pp. 1-6. doi: 10.1109/GLOCOM.2015.7417811

Abstract: In network virtualization, virtual network embedding is mostly static, which maps each virtual link onto a single predictable path, thus offering a significant advantage for adversaries to eavesdrop or intercept a certain virtual network. However, existing works on multipath embedding just focus on performance and survivability, instead of maximizing the routing unpredictability to avoid link attacks. In this paper, we present a mutable virtual network embedding framework which maps each virtual link onto a set of substrate links with a game-theoretic optimal stochastic routing policy. Firstly, we model the virtual network embedding in the context of stochastic routing with its effectiveness quantified by game theory. Then, in node mapping algorithm, we define a security capacity matrix to evaluate substrate nodes, thus overcoming two disadvantages of existing resource capacity metric. In link mapping algorithm, we work out the optimal stochastic routing policies with satisfying capacity, delay and cycle-free constraints. The simulation results indicate that our framework can significantly improve the probability that packets are not attacked, with little expense of request acceptance ratio and average routing hops.

Keywords: computer network reliability; stochastic games; telecommunication network routing; virtualisation; Mutine; game theoretic stochastic routing; link mapping algorithm; multipath embedding; mutable virtual network embedding; network virtualization; optimal stochastic routing policy; substrate links; virtual network mapping; Delays; Game theory; Resource management; Routing; Security; Stochastic processes; Substrates (ID#: 16-11085)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7417811&isnumber=7416057

 

B. Li, “Secure Learning and Mining in Adversarial Environments [Extended Abstract],” 2015 IEEE International Conference on Data Mining Workshop (ICDMW), Atlantic City, NJ, 2015, pp. 1538-1539. doi: 10.1109/ICDMW.2015.44

Abstract: Machine learning and data mining have become ubiquitous tools in modern computing applications and large enterprise systems benefit from its adaptability and intelligent ability to infer patterns that can be used for prediction or decision-making. Great success has been achieved by applying machine learning and data mining to the security settings for large dataset, such as in intrusion detection, virus detection, biometric identity recognition, and spam filtering. However, the strengths of the learning systems, such as the adaptability and ability to infer patterns, can also become their vulnerabilities when there are adversarial manipulations during the learning and predicting process. Considering the fact that the traditional learning strategies could potentially introduce security faults into the learning systems, robust machine learning techniques against the sophisticated adversaries need to be studied, which is referred to as secure learning and mining through this abstract. Based on the goal of secure learning and mining, I aim to analyze the behavior of learning systems in adversarial environments by studying different kinds of attacks against the learning systems. Then design robust learning algorithms to counter the corresponding malicious behaviors based on the evaluation and prediction of the adversaries' goal and capabilities. The interactions between the defender and attackers are modeled as different forms of games, therefore game theoretic analysis are applied to evaluate and predict the constraints for both participants to deal with the real world large dataset.

Keywords: data mining; game theory; learning (artificial intelligence); game theoretic analysis; machine learning; robust learning algorithm; secure learning; ubiquitous tool; Analytical models; Cost function; Data mining; Electronic mail; Games; Learning systems; Robustness; adversarial learning (ID#: 16-11086)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7395856&isnumber=7395635

 

E. Moiseeva and M. R. Hesamzadeh, “Strategic Bidding by a Risk-Averse Firm with a Portfolio of Renewable Resources,” PowerTech, 2015 IEEE Eindhoven, Eindhoven, 2015, pp. 1-6. doi: 10.1109/PTC.2015.7232550

Abstract: The possibility of market power abuse in the systems with a high amount of flexible power sources (hydro units and energy storage) is believed to be very low. However, in practice strategic owners of these resources may limit the ramping rate whenever the price spikes occur. This is particularly relevant for the power systems with a high penetration of wind power, due to the high levels of uncertainty. In this paper we propose a bilevel game-theoretic model to investigate the effect of this type of strategic bidding. The lower-level is a security-constrained economic dispatch carried out by the system operator. The upper-level is a profit-maximization problem solved by a risk-averse company owning a varied portfolio of energy sources: energy storage, hydro power units, wind generators, as well as traditional generators. We represent the uncertainty affecting the decision making by introducing a set of wind power scenarios and variable competitors' price bids. The resulting mathematical problem with equilibrium constraints (MPEC) is recast as a single-stage mixed-integer linear program (MILP) and solved with CPLEX. In the case study we demonstrate the effect of withholding the ramp-rate on the social welfare.

Keywords: game theory; Integer programming; linear programming; power generation dispatch; power generation economics; power markets; wind power plants; CPLEX; MILP; MPEC; bilevel game-theoretic model; energy storage; hydro power units; profit-maximization problem; renewable resources portfolio; risk-averse company; risk-averse firm; security-constrained economic dispatch; single-stage mixed-integer linear program; strategic bidding; wind generators; wind power scenarios; Companies; Electricity supply industry; Generators; Portfolios; Production; Uncertainty; Wind power generation (ID#: 16-11087)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7232550&isnumber=7232233

 

F. Gabry, R. Thobaben and M. Skoglund, “Secrecy Games in Cognitive Radio Networks with Multiple Secondary Users,” Communications and Network Security (CNS), 2015 IEEE Conference on, Florence, 2015, pp. 143-148. doi: 10.1109/CNS.2015.7346822

Abstract: In this paper we investigate secrecy games in cognitive radio networks with multiple secondary pairs and secrecy constraints. We consider the cognitive channel model with multiple secondary pairs where the secondary receivers are treated as eavesdroppers with respect to the primary transmission. For this novel network model, we derive achievable rate regions when secondary pairs are allowed to use the channel simultaneously. We then investigate the spectrum sharing mechanisms using several game theoretic models, namely 1) a single-leader multiple-follower Stackelberg game with the primary transmitter as the leader and the secondary transmitters as followers; 2) a non-cooperative power control game between the secondary transmitters if they can access the channel simultaneously; and 3) an auction between a primary auctioneer and secondary bidders which allows the primary transmitter to exploit the competitive interaction between the secondary transmitters. We illustrate through numerical simulations the equilibrium outcomes of the analyzed games and the impact of the competition between the secondary transmitters on the utility performance of every node in the cognitive radio network.

Keywords: cognitive radio; game theory; numerical analysis; power control; radio receivers; radio spectrum management; radio transmitters; telecommunication control; Stackelberg game; cognitive radio networks; game theoretic models; multiple secondary pairs; multiple secondary users; noncooperative power control game; numerical simulations; primary auctioneer; primary transmitter; secondary bidders; secondary receivers; secondary transmitters; secrecy constraints; secrecy games; single-leader multiple-follower; spectrum sharing; Data communication; Games; Jamming; Radio transmitters; Receivers; Security (ID#: 16-11088)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7346822&isnumber=7346791

 

G. Gianini, M. Cremonini, A. Rainini, G. L. Cota and L. G. Fossi, “A Game Theoretic Approach to Vulnerability Patching,” Information and Communication Technology Research (ICTRC), 2015 International Conference on, Abu Dhabi, 2015, pp. 88-91. doi: 10.1109/ICTRC.2015.7156428

Abstract: Patching vulnerabilities is one of the key activities in security management. For most commercial systems however the number of relevant vulnerabilities is very high; as a consequence only a subset of them can be actually fixed: due to bounded resources, choosing them according to some optimal criterium is a critical challenge for the security manager. One has also to take into account, though, that even delivering attacks on vulnerabilities requires a non-negligible effort: also a potential attacker will always be constrained by bounded resources. Choosing which vulnerabilities to attack according to some optimality criterium is also a difficult challenge for a hacker. Here we argue that if both types of players are rational, wishing to maximize their ROI and aware of the two sides of the problem, their respective strategies can be discussed more naturally within a Game Theory (GT) framework. We develop the fact that the above described attack/defense scenario can be mapped onto a variant of GT models known as Search Games: we call this variant Enhanced Vulnerability Patching game. Under the hypothesis of rationality of the players, GT provides a prediction for their behavior in terms of a probability distribution over the possible choices: this result can help in supporting a semi-automatic choice of patch management with constrained resources. In this work we model and solve few prototypical instances of this class of games and outline the path towards more realistic and accurate GT models.

Keywords: computer crime; game theory; search problems; statistical distributions; GT models; ROI; bounded resources; enhanced vulnerability patching game; game theoretic approach; hacker; optimality criterium; patch management; probability distribution; search games; security management; security manager; Computer hacking; Game theory; Games; Linear systems; Mathematical model (ID#: 16-11089)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7156428&isnumber=7156393

 

J. Abegunde, H. Xiao and J. Spring, “Resilient Tit-For-Tat (RTFT) A Game Solution for Wireless Misbehaviour,” Wireless Communications and Mobile Computing Conference (IWCMC), 2015 International, Dubrovnik, 2015, pp. 904-909. doi: 10.1109/IWCMC.2015.7289203

Abstract: The vulnerability of wireless networks to selfish and misbehaving nodes is a well known problem. The Tit-For-Tat (TFT) strategy has been proposed as a game theoretic solution to the problem, however the TFT suffers from a deadlock vulnerability. We present a modified TFT algorithm, the Resilient Tit-For-Tat (RTFT) algorithm in which we introduce the concept of alternative strategies to complement the default strategy. This combination enables us to model a non-cooperative game in which nodes are able change their strategies in order to maximize their utilities in selfish and misbehaviour scenarios. We demonstrate the viability of our proposal with simulation results.

Keywords: game theory; telecommunication security; wireless LAN; RTFT algorithm; Tit-For-Tat strategy; deadlock vulnerability; game theoretic solution; misbehaving nodes; noncooperative game; resilient Tit-For-Tat algorithm; selfish nodes; wireless misbehaviour; wireless networks vulnerability; Games; IEEE 802.11 Standard; Mathematical model; Media Access Protocol; Thin film transistors; Throughput; Game Theory; IEEE 802.11; MAC Layer Security; Resilient MAC Protocol; Tit-For-Tat; Wireless Networks (ID#: 16-11090)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7289203&isnumber=7288920

 

M. Chessa, J. Grossklags and P. Loiseau, “A Game-Theoretic Study on Non-monetary Incentives in Data Analytics Projects with Privacy Implications,” Computer Security Foundations Symposium (CSF), 2015 IEEE 28th, Verona, 2015, pp. 90-104. doi: 10.1109/CSF.2015.14

Abstract: The amount of personal information contributed by individuals to digital repositories such as social network sites has grown substantially. The existence of this data offers unprecedented opportunities for data analytics research in various domains of societal importance including medicine and public policy. The results of these analyses can be considered a public good which benefits data contributors as well as individuals who are not making their data available. At the same time, the release of personal information carries perceived and actual privacy risks to the contributors. Our research addresses this problem area. In our work, we study a game-theoretic model in which individuals take control over participation in data analytics projects in two ways: 1) individuals can contribute data at a self-chosen level of precision, and 2) individuals can decide whether they want to contribute at all (or not). From the analyst's perspective, we investigate to which degree the research analyst has flexibility to set requirements for data precision, so that individuals are still willing to contribute to the project, and the quality of the estimation improves. We study this tradeoffs scenario for populations of homogeneous and heterogeneous individuals, and determine Nash equilibrium that reflect the optimal level of participation and precision of contributions. We further prove that the analyst can substantially increase the accuracy of the analysis by imposing a lower bound on the precision of the data that users can reveal.

Keywords: data analysis; data privacy; game theory; incentive schemes; social networking (online); Nash equilibrium; data analytics; digital repositories; game theoretic study; nonmonetary incentives; personal information; privacy implications; social network sites; Data privacy; Estimation; Games; Noise; Privacy; Sociology; Statistics; Non-cooperative game; non-monetary incentives; population estimate; privacy; public good (ID#: 16-11091)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7243727&isnumber=7243713

 

D. Tosh, S. Sengupta, C. Kamhoua, K. Kwiat and A. Martin, “An Evolutionary Game-Theoretic Framework for Cyber-Threat Information Sharing,” Communications (ICC), 2015 IEEE International Conference on, London, 2015, pp. 7341-7346. doi: 10.1109/ICC.2015.7249499

Abstract: The initiative to protect against future cyber crimes requires a collaborative effort from all types of agencies spanning industry, academia, federal institutions, and military agencies. Therefore, a Cybersecurity Information Exchange (CYBEX) framework is required to facilitate breach/patch related information sharing among the participants (firms) to combat cyber attacks. In this paper, we formulate a non-cooperative cybersecurity information sharing game that can guide: (i) the firms (players)1 to independently decide whether to “participate in CYBEX and share” or not; (ii) the CYBEX framework to utilize the participation cost dynamically as incentive (to attract firms toward self-enforced sharing) and as a charge (to increase revenue). We analyze the game from an evolutionary game-theoretic strategy and determine the conditions under which the players' self-enforced evolutionary stability can be achieved. We present a distributed learning heuristic to attain the evolutionary stable strategy (ESS) under various conditions. We also show how CYBEX can wisely vary its pricing for participation to increase sharing as well as its own revenue, eventually evolving toward a win-win situation.

Keywords: evolutionary computation; game theory; security of data; CYBEX framework; ESS; academia; collaborative effort; combat cyber attacks; cyber crimes; cyber threat information sharing; cybersecurity information exchange; evolutionary game theoretic framework; evolutionary game theoretic strategy; evolutionary stable strategy; federal institutions; military agencies; self-enforced evolutionary stability; spanning industry; Computer security; Games; Information management; Investment; Sociology; Statistics; CYBEX; Cybersecurity; Evolutionary Game Theory; Incentive Model; Information Sharing (ID#: 16-11092)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7249499&isnumber=7248285

 

S. Salimi, E. A. Jorswieck, M. Skoglund and P. Papadimitratos, “Key Agreement over an Interference Channel with Noiseless Feedback: Achievable Region & Distributed Allocation,” Communications and Network Security (CNS), 2015 IEEE Conference on, Florence, 2015, pp. 59-64. doi: 10.1109/CNS.2015.7346811

Abstract: Secret key establishment leveraging the physical layer as a source of common randomness has been investigated in a range of settings. We investigate the problem of establishing, in an information-theoretic sense, a secret key between a user and a base-station (BS) (more generally, part of a wireless infrastructure), but for two such user-BS pairs attempting the key establishment simultaneously. The challenge in this novel setting lies in that a user can eavesdrop another BS-user communications. It is thus paramount to ensure the two keys are established with no leakage to the other user, in spite the interference across neighboring cells. We model the system with BS-user communication through an interference channel and user-BS communication through a public channel. We find the region including achievable secret key rates for the general case that the interference channel (IC) is discrete and memoryless. Our results are examined for a Gaussian IC. In this setup, we investigate the performance of different transmission schemes for power allocation. The chosen transmission scheme by each BS essentially affects the secret key rate of the other BS-user. Assuming base stations are trustworthy but that they seek to maximize the corresponding secret key rate, a game-theoretic setting arises to analyze the interaction between the base stations. We model our key agreement scenario in normal form for different power allocation schemes to understand performance without cooperation. Numerical simulations illustrate the inefficiency of the Nash equilibrium outcome and motivate further research on cooperative or coordinated schemes.

Keywords: Gaussian channels; channel allocation; game theory; private key cryptography; radiofrequency interference; wireless channels; BS-user communication; Gaussian IC; Nash equilibrium; Noiseless Feedback; base station; game theoretic; interference channel allocation; key agreement; power allocation; public channel; secret key establishment; Base stations; Downlink; Interference channels; Resource management; Security; Yttrium (ID#: 16-11093)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7346811&isnumber=7346791

 

W. Tong and S. Zhong, “Resource Allocation in Pollution Attack and Defense: A Game-Theoretic Perspective,” Communications (ICC), 2015 IEEE International Conference on, London, 2015, pp. 3057-3062. doi: 10.1109/ICC.2015.7248793

Abstract: Pollution attacks can cause severe damages in network coding systems. Many approaches have been proposed to defend against pollution attacks. However, the current approaches implicitly assume that the defender has adequate resources to defend against pollution attacks. When the resources of the defender are limited, they provide no information for the defender to allocate the resources to get better defense performance. In this paper, we consider the case that the defender's resources are limited and study how the defender allocates resources to defend against pollution attacks. We first propose a two-player strategic game to model the interactions between the defender and the attacker. Then, two algorithms are proposed to find the best response strategy for the defender. Finally, we conducted extensive simulations to evaluate the proposed algorithms. The results demonstrate that our algorithms can significantly improve the utility of the defender, with reasonable computation time.

Keywords: game theory; network coding; radiocommunication; resource allocation; telecommunication security; defender resources; network coding systems; pollution attack; two-player strategic game; Games; Pollution (ID#: 16-11094)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7248793&isnumber=7248285

 

Bing Wang, Wenjing Lou and Y. T. Hou, “Modeling the Side-Channel Attacks in Data Deduplication with Game Theory,” Communications and Network Security (CNS), 2015 IEEE Conference on, Florence, 2015, pp. 200-208. doi: 10.1109/CNS.2015.7346829

Abstract: The cross-user data deduplication improves disk space efficiency of cloud storage by keeping only one copy of same files among all service users. As a result, the cloud storage service is able to offer a considerable amount of storage at an attractive price. Therefore, people begin to use cloud storage such as Dropbox and Google Drive not only as data backup but also as their primary storage for everyday usage. However, the cross-user data deduplication also rises data privacy concerns. A side-channel attack called “confirmation-of-a-file” and its variant “learn-the-remaining-information” breach the user data privacy through observing the deduplication operation of the cloud storage server. These attacks allow malicious users to pinpoint specific files if they exist in the cloud. The existing solutions sacrifice either the network bandwidth efficiency or the storage efficiency to defend the side-channel attacks without analyzing the defensive cost from the standpoint of cloud storage providers. Because profit is the key factor that motivates cloud service providers, the question that how to defend the side-channel attacks efficiently in terms of cost is not only important but also practical. However, this question remains unanswered. In this paper, we try to address this problem using game theory. We model the interaction between the attacker and the defender, i.e., the cloud storage server, using a game-theoretic framework. Our framework captures underlying complexity of the side-channel attack problem under several practical assumptions. We prove there exists a unique solution of the problem, i.e., a mixed-strategy Nash equilibrium. Our simulation results show the efficiency of our scheme.

Keywords: cloud computing; cryptography; data privacy; game theory; storage management; cloud service providers; cloud storage; data deduplication; side-channel attacks; Cloud computing; Data privacy; Encryption; Game theory; Servers (ID#: 16-11095)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7346829&isnumber=7346791

 

W. Lausenhammer, D. Engel and R. Green, “A Game Theoretic Software Framework for Optimizing Demand Response,” Innovative Smart Grid Technologies Conference (ISGT), 2015 IEEE Power & Energy Society, Washington, DC, 2015, pp. 1-5. doi: 10.1109/ISGT.2015.7131861

Abstract: Demand response (DR) is a crucial and necessary aspect of the smart grid, particularly when considering the optimization of both, power consumption and generation. While many benefits of DR are currently under study, an issue of particular concern is optimizing end-users' power consumption profiles at various levels. This study proposes a fundamental, game theoretic software framework for DR simulation that is capable of investigating the effect of optimizing multiple electric appliances by utilizing game theoretic algorithms. Initial results show that by shifting the switch-on time of three household appliances provides a savings of up to 6%.

Keywords: domestic appliances; game theory; power consumption; smart power grids; DR simulation; demand response optimization; electric household appliance; game theoretic software framework; power generation; smart grid; Game theory; Games; Home appliances; Load management; Load modeling; Schedules; Smart grids (ID#: 16-11096)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7131861&isnumber=7131775

 

T. -W. Chiang and J.- H. R. Jiang, “Property-Directed Synthesis of Reactive Systems from Safety Specifications,” Computer-Aided Design (ICCAD), 2015 IEEE/ACM International Conference on, Austin, TX, 2015, pp. 794-801. doi: 10.1109/ICCAD.2015.7372652

Abstract: Reactive system synthesis from safety specifications is a promising approach to the correct-by-construction methodology. The synthesis process is often divided into two separate steps: First, check specification realizability by computing the winning region of states under a game-theoretic interpretation; second, synthesize the implementation circuit based on the computed winning region if the specification is realizable. Moreover, recent results suggest that methods based on satisfiability (SAT) solving outperform those based on Binary Decision Diagrams (BDDs) especially on large benchmark instances. In this paper, we focus on the the winning region computation and propose a SAT-based algorithm. By adopting the concepts from the state-of-the-art model checking algorithm property directed reachability (PDR, a.k.a. IC3), we aim at devising an efficient computation method for automatic controller synthesis. Experimental results on the benchmarks from the synthesis competition (SyntComp 2014) show that our proposed algorithm outperforms the existing SAT-based and QBF-based methods by some margin.

Keywords: binary decision diagrams; computability; formal specification; game theory; security of data; QBF-based methods; SAT-based algorithm; correct-by-construction methodology; game-theoretic interpretation; model checking algorithm; property directed reachability; property-directed synthesis; reactive system synthesis; reactive systems; safety specifications; satisfiability; Arrays; Benchmark testing; Boolean functions; Games; Input variables; Safety (ID#: 16-11097)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7372652&isnumber=7372533

 

A. Ashok and M. Govindarasu, “Cyber-Physical Risk Modeling and Mitigation for the Smart Grid Using A Game-Theoretic Approach,” Innovative Smart Grid Technologies Conference (ISGT), 2015 IEEE Power & Energy Society, Washington, DC, 2015, pp. 1-5. doi: 10.1109/ISGT.2015.7131842

Abstract: Traditional probabilistic risk assessment approaches do not capture 'threats' in the risk modeling. In this paper, we propose a game-theoretic approach for cyber-physical risk modeling and mitigation that allows modeling of 'threats' by including attacker behavior, and can be adapted for dynamic attack scenarios. We also introduce a cyber-physical cost modeling framework that captures attacker actions in the cyber layer, attack impacts on the physical layer, and defender actions both in cyber and physical layer. We provide some insights into the benefits of applying game theory for cyber-physical risk modeling and mitigation through a simple, intuitive case study on a 3-bus power system. Finally, we identify some practical challenges and limitations for applying game theory to large systems and conclude the paper with some directions for future work.

Keywords: power engineering computing; power system security; risk analysis; smart power grids; Cyber-physical risk modeling; cyber-physical cost modeling; dynamic attack; game theoretic approach; physical layer; power system; probabilistic risk assessment approach; smart grid; Game theory; Games; Mathematical model; Physical layer; Security; Smart grids (ID#: 16-11098)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7131842&isnumber=7131775

 

F. Farhidi and K. Madani, “A Game Theoretic Analysis of the Conflict over Iran's Nuclear Program,” Systems, Man, and Cybernetics (SMC), 2015 IEEE International Conference on, Kowloon, 2015, pp. 617-622. doi: 10.1109/SMC.2015.118

Abstract: Investigation of the contradictory aspects of modern diplomacy is essential to a valid understanding of the working of the political system. Among these aspects, uncertainty infuses the norms of response to the conflicts. Iran's nuclear program is an example, which has intensified a lot of clashes in the region. Here, we develop a stylized strategic model to address the process of conflict resolution in the current negotiation. Reaching an agreement has been challenging due to the conflict of interests of the players in this game. While the Western countries are worried about Iran's nuclear program, and the potential problems that can be incremented in the region, Iran claims that it is a peaceful program that pursues no threats to its neighbors. The proposed game theory model tries to verify and rationalize the announced framework agreement in negotiation to identify the potential agreement options between Iran and P5+1 countries.

Keywords: game theory; nuclear explosions; politics; weapons; Iran nuclear program; P5+1 countries; Western countries; conflict resolution process; game theoretic analysis; game theory model; political system; stylized strategic model; Analytical models; Economics; Energy resolution; Game theory; Games; Mathematical model; Security; Conflict resolution; Game theory; International politics; Iran; Nuclear program (ID#: 16-11099)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7379250&isnumber=7379111

 

N. Kitajima, N. Yanai, T. Nishide, G. Hanaoka and E. Okamoto, “Constructions of Fail-Stop Signatures for Multi-Signer Setting,” Information Security (AsiaJCIS), 2015 10th Asia Joint Conference on, Kaohsiung, 2015, pp. 112-123. doi: 10.1109/AsiaJCIS.2015.26

Abstract: Fail-stop signatures (FSS) provide the security for a signer against a computationally unbounded adversary by enabling the signer to provide a proof of forgery. Conventional FSS schemes are for a single-signer setting, but in the real world, there is a case where a countersignature of multiple signers (e.g. A signature between a bank, a user, and a consumer) is required. In this work, we propose a framework of FSS capturing a multi-signer setting and call the primitive fail-stop multisignatures (FSMS). We propose a generic construction of FSMS via the bundling homomorphisms proposed by Pfitzmann and then propose a provably secure instantiation of the FSMS scheme from the factoring assumption. Our proposed schemes can be also extended to fail-stop aggregate signatures (FSAS).

Keywords: digital signatures; FSAS; FSMS scheme; bundling homomorphisms; fail-stop aggregate signatures; generic construction; multisigner setting; primitive fail-stop multisignatures; proof of forgery; single-signer setting; Adaptation models; Computational modeling; Forgery; Frequency selective surfaces; Games; Public key; Fail-stop multisignatures; Fail-stop signatures; Family of bundling homomorphisms; Information-theoretic security (ID#: 16-11100)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7153945&isnumber=7153836

 

B. Fang, Z. Qian, W. Shao, W. Zhong and T. Yin, “Game-Theoretic Precoding for Cooperative MIMO SWIPT Systems with Secrecy Consideration,” 2015 IEEE Global Communications Conference (GLOBECOM), San Diego, CA, 2015, pp. 1-5. doi: 10.1109/GLOCOM.2015.7417614

Abstract: In this paper, we study the secrecy precoding problem for simultaneous wireless information and power transfer (SWIPT) in a multiple-input multiple-output (MIMO) relay network. The problem is formulated as a noncooperative game, where the network utility, defined as the nonnegative sum of the achievable secrecy rate and the harvested energy, is regarded as the common payoff, and the source and the relay are assumed as two rational game players. The formulated game is proven to be a potential game, which always processes at least one pure-strategy Nash equilibrium (NE), and the optimal transmit strategy profile that maximizes the network utility also constitutes a pure-strategy NE of it. Since the best-response problems of the proposed game constitute difference convex (DC)-type programming problems, we solve them by employing a successive convex approximation (SCA) method. With the SCA method, the two best-response problems can be iteratively solved through successive convex programming of their convexified versions. Then, based on the best-response dynamic, a distributed precoding algorithm is developed to obtain a feasible NE solution the proposed game. Numerical simulations are further provided to demonstrate it. Results show that our algorithm can converge fast to a near-optimal solution with guaranteed convergence.

Keywords: MIMO communication; approximation theory; convex programming cooperative communication; game theory; precoding; telecommunication security; DC-type programming problem; NE; SCA method; cooperative MIMO SWIPT system; distributed precoding algorithm; game constitute difference convex-type programming problem; game theoretic precoding; multiple input multiple output relay network; noncooperative game; pure-strategy Nash equilibrium; secrecy consideration; simultaneous wireless information and power transfer; successive convex approximation method; successive convex programming; Erbium; Games; Heuristic algorithms; MIMO; Relays; Security (ID#: 16-11101)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7417614&isnumber=7416057

 

S. D. Bopardikar, A. Speranzon and C. Langbort, “Trusted Computation with an Adversarial Cloud,” American Control Conference (ACC), 2015, Chicago, IL, 2015, pp. 2445-2452. doi: 10.1109/ACC.2015.7171099

Abstract: We consider the problem of computation in a cloud environment where either the data or the computation may be corrupted by an adversary. We assume that a small fraction of the data is stored locally at a client during the upload process to the cloud and that this data is trustworthy. We formulate the problem within a game theoretic framework where the client needs to decide an optimal fusion strategy using both non-trusted information from the cloud and local trusted data, given that the adversary on the cloud is trying to deceive the client by biasing the output to a different value/set of values. We adopt an Iterated Best Response (IBR) scheme for each player to update its action based on the opponent's announced computation. At each iteration, the cloud reveals its output to the client, who then computes the best response as a linear combination of its private local estimate and of the untrusted cloud output. We characterize equilibrium conditions for both the scalar and vector cases of the computed value of interest. Necessary and sufficient conditions for convergence for the IBR are derived and insightful geometric interpretations of such conditions is discussed for the vector case. Numerical results are presented showing the convergence conditions are relatively tight.

Keywords: cloud computing; game theory; geometry; iterative methods; optimisation; security of data; trusted computing; vectors; IBR scheme; adversarial cloud computing; game theoretic framework; geometric interpretation; iterated best response; optimal fusion strategy; trusted computation; vector case; Algorithm design and analysis; Convergence; Cost function; Games; Protocols; Random variables; Security; Adversarial Machine Learning; Equilibrium; Game theory; Trusted Computation (ID#: 16-11102)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7171099&isnumber=7170700

 

B. Kasiri, I. Lambadaris, F. R. Yu and H. Tang, “Privacy-Preserving Distributed Cooperative Spectrum Sensing in Multi-Channel Cognitive Radio MANETs,” Communications (ICC), 2015 IEEE International Conference on, London, 2015, pp. 7316-7321. doi: 10.1109/ICC.2015.7249495

Abstract: Location privacy preservation in multi-channel cognitive radio mobile ad hoc networks (CR-MANETs) is a challenging issue, where the network does not rely on a trusted central entity to impose privacy-preserving protocols. Furthermore, even though the multi-channel CR-MANETs have numerous advantages, utilization of multiple channels degrades the location privacy, by disclosing more information about CRs. In this paper, location privacy is studied for cooperative spectrum sensing (CSS) in multi-channel CR-MANETs.We first quantify the location privacy. Then, we propose a new privacy-preserving distributed cooperative spectrum sensing scheme for multi-channel CR-MANETs. We design a new anonymization method based on random manipulation of the exchanged signal-to-noise ratio (SNR). Afterwards, a coalitional game-theoretic distributed channel assignment is proposed to maximize location privacy and sensing performance over each channel in the network. Simulation results show that the proposed scheme can enhance sensing performance and location privacy over multiple channels.

Keywords: channel allocation; cooperative communication; data privacy; game theory; mobile ad hoc networks; signal detection; telecommunication security; MANET; coalitional game theory; distributed channel assignment; distributed cooperative spectrum sensing; location privacy preservation; multichannel cognitive radio; privacy preserving spectrum sensing; signal-to-noise ratio random manipulation; Bismuth; Channel allocation; Games; Information systems; Privacy; Sensors; Signal to noise ratio; Privacy preservation; cognitive radio; spectrum sensing (ID#: 16-11103)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7249495&isnumber=7248285

 

R. Zhang and Q. Zhu, “Secure and Resilient Distributed Machine Learning Under Adversarial Environments,” Information Fusion (Fusion), 2015 18th International Conference on, Washington, DC, 2015, pp. 644-651. doi: (not provided)

Abstract: With a large number of sensors and control units in networked systems, the decentralized computing algorithms play a key role in scalable and efficient data processing for detection and estimation. The well-known algorithms are vulnerable to adversaries who can modify and generate data to deceive the system to misclassify or misestimate the information from the distributed data processing. This work aims to develop secure, resilient and distributed machine learning algorithms under adversarial environment. We establish a game-theoretic framework to capture the conflicting interests between the adversary and a set of distributed data processing units. The Nash equilibrium of the game allows predicting the outcome of learning algorithms in adversarial environment, and enhancing the resilience of the machine learning through dynamic distributed learning algorithms. We use Spambase Dataset to illustrate and corroborate our results.

Keywords: distributed processing; game theory; learning (artificial intelligence); sensors; Nash equilibrium; Spambase Dataset; adversarial environments; decentralized computing algorithms; distributed data processing units; distributed machine learning algorithms; dynamic distributed learning algorithm; game-theoretic framework; information misclassification; information misestimation; networked systems; sensors; Games; Heuristic algorithms; Machine learning algorithms; Security; Training; Training data (ID#: 16-11104)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7266621&isnumber=7266535

 

Chenguang Zhang and Zeqing Yao, “A Game Theoretic Model of Targeting in Cyberspace,” Estimation, Detection and Information Fusion (ICEDIF), 2015 International Conference on, Harbin, 2015, pp. 335-339. doi: 10.1109/ICEDIF.2015.7280218

Abstract: Targeting is the fundamental work in cyberspace operational plan. This paper investigates the basic tradeoffs and decision processes involved in cyber targeting and proposes a simple game theoretic model for cyberspace targeting to support operational plan. Then an optimal targeting strategy decision algorithm applying the game theoretic model is developed. The key component of this game theoretic model is its ability to predict equilibrium. The paper ends up with an example on showing how the game theoretic model supports targeting decision-making, which demonstrates the simplicity and effectiveness of this decision-making model.

Keywords: Internet; decision making; game theory; security of data; cyber targeting; cyberspace operational plan; cyberspace targeting; decision process; decision-making; game theoretic model; optimal targeting strategy decision algorithm; Analytical models; Biology; Cyberspace; Decision making; Games; Lead; Terrorism; cyberspace; targeting; zero-sum games (ID#: 16-11105)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7280218&isnumber=7280146

 

L. Xu, C. Jiang, J. Wang, Y. Ren, J. Yuan and M. Guizani, “Game Theoretic Data Privacy Preservation: Equilibrium and Pricing,” Communications (ICC), 2015 IEEE International Conference on, London, 2015, pp. 7071-7076. doi: 10.1109/ICC.2015.7249454

Abstract: Privacy issues arising in the process of collecting, publishing and mining individuals' personal data have attracted much attention in recent years. In this paper, we consider a scenario where a data collector collects data from data providers and then publish the data to a data user. To protect data providers' privacy, the data collector performs anonymization on the data. Anonymization usually causes a decline of data utility on which the data user's profit depends, meanwhile, data providers' would provide more data if anonymity is strongly guaranteed. How to make a trade-off between privacy protection and data utility is an important question for data collector. In this paper we model the interactions among data providers/collector/user as a game, and propose a general approach to find the Nash equilibriums of the game. To elaborate the analysis, we also present a specific game formulation which takes k-anonymity as the anonymization method. Simulation results show that the game theoretical analysis can help the data collector to deal with the privacy-utility trade-off.

Keywords: data privacy; game theory; Nash equilibriums; anonymization method; data utility; game theoretic data privacy preservation; privacy issues; Data models; Data privacy; Games; Information systems; Nash equilibrium; Security; data anonymization; privacy preserving (ID#: 16-11106)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7249454&isnumber=7248285

 

D. Niyato, P. Wang, D. I. Kim, Z. Han and L. Xiao, “Game Theoretic Modeling of Jamming Attack in Wireless Powered Communication Networks,” Communications (ICC), 2015 IEEE International Conference on, London, 2015, pp. 6018-6023. doi: 10.1109/ICC.2015.7249281

Abstract: In wireless powered networks, a user can make a request and use the wireless energy transferred from an energy source for its data transmission. However, due to broadcast nature of wireless energy transfer (e.g., RF energy), a malicious node (i.e., an attacker) can also intercept the energy and use it to perform an attack by jamming the data transmission of the user. We consider such a jamming attack where the user and attacker are aware of each other. We formulate a game theoretic model to analyze the energy request and data transmission policy of the user and the attack policy of the attacker when the user and the attacker both want to maximize their own rewards. We use an iterative algorithm designed based on the best response dynamics to obtain the solution defined in terms of the constrained Nash equilibrium. The numerical results show not only the convergence of the proposed algorithm, but also the optimal reward of the user under different energy cost constraints.

Keywords: game theory; inductive power transmission; iterative methods; jamming; telecommunication power management; telecommunication security; attack policy; constrained Nash equilibrium; data transmission policy; energy request; game theoretic modeling; iterative algorithm; jamming attack; malicious node; wireless energy transfer; wireless powered communication networks; Communication system security; Data communication; Energy states; Energy storage; Games; Jamming; Wireless communication; Wireless powered communication networks; constrained stochastic game; wireless jamming (ID#: 16-11107)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7249281&isnumber=7248285

 

B. Rashidi and C. Fung, “A Game-Theoretic Model for Defending Against Malicious Users in RecDroid,” Integrated Network Management (IM), 2015 IFIP/IEEE International Symposium on, Ottawa, ON, 2015, pp. 1339-1344. doi: 10.1109/INM.2015.7140492

Abstract: RecDroid is a smartphone permission response recommendation system which utilizes the responses from expert users in the network to help inexperienced users. However, in such system, malicious users can mislead the recommendation system by providing untruthful responses. Although detection system can be deployed to detect the malicious users, and exclude them from recommendation system, there are still undetected malicious users that may cause damage to RecDroid. Therefore, relying on environment knowledge to detect the malicious users is not sufficient. In this work, we present a game-theoretic model to analyze the interaction (request/response) between RecDroid users and RecDroid system using a static Bayesian game formulation. In the game RecDroid system chooses the best response strategy to minimize its loss from malicious users. We analyze the game model and explain the Nash equilibrium in a static scenario under different conditions. Through the static game model we discuss the strategy that RecDroid can adopt to disincentivize attackers in the system, so that attackers are discouraged to perform malicious users attack. Finally, we discuss several game parameters and their impact on players' outcome.

Keywords: game theory; recommender systems; smart phones; user interfaces; RecDroid; game-theoretic model; malicious users; smartphone permission response recommendation system; Analytical models; Bayes methods; Conferences; Games; Mobile communication; Nash equilibrium; Security (ID#: 16-11108)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7140492&isnumber=7140257

 

C. Kamhoua, A. Martin, D. K. Tosh, K. A. Kwiat, C. Heitzenrater and S. Sengupta, “Cyber-Threats Information Sharing in Cloud Computing: A Game Theoretic Approach,” Cyber Security and Cloud Computing (CSCloud), 2015 IEEE 2nd International Conference on, New York, NY, 2015, pp. 382-389. doi: 10.1109/CSCloud.2015.80

Abstract: Cybersecurity is among the highest priorities in industries, academia and governments. Cyber-threats information sharing among different organizations has the potential to maximize vulnerabilities discovery at a minimum cost. Cyber-threats information sharing has several advantages. First, it diminishes the chance that an attacker exploits the same vulnerability to launch multiple attacks in different organizations. Second, it reduces the likelihood an attacker can compromise an organization and collect data that will help him launch an attack on other organizations. Cyberspace has numerous interconnections and critical infrastructure owners are dependent on each other's service. This well-known problem of cyber interdependency is aggravated in a public cloud computing platform. The collaborative effort of organizations in developing a countermeasure for a cyber-breach reduces each firm's cost of investment in cyber defense. Despite its multiple advantages, there are costs and risks associated with cyber-threats information sharing. When a firm shares its vulnerabilities with others there is a risk that these vulnerabilities are leaked to the public (or to attackers) resulting in loss of reputation, market share and revenue. Therefore, in this strategic environment the firms committed to share cyber-threats information might not truthfully share information due to their own self-interests. Moreover, some firms acting selfishly may rationally limit their cybersecurity investment and rely on information shared by others to protect themselves. This can result in under investment in cybersecurity if all participants adopt the same strategy. This paper will use game theory to investigate when multiple self-interested firms can invest in vulnerability discovery and share their cyber-threat information. We will apply our algorithm to a public cloud computing platform as one of the fastest growing segments of the cyberspace.

Keywords: cloud computing; data protection; game theory; security of data; cyber defense; cyber interdependency; cyber-breach; cyber-threat information; cyber-threat information sharing; cybersecurity investment; cyberspace; data collection; firm investment cost reduction; firm protection; game theoretic approach; public cloud computing platform; strategic environment; vulnerability discovery maximization; Cloud computing; Computer security; Games; Information management; Organizations; Virtual machine monitors; cybersecurity; game theory; information sharing (ID#: 16-11109)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7371511&isnumber=7371418

 

Ting-Hsuan Wu, Mei-Ju Shih and Hung-Yu Wei, “Tiered Licensed-Assisted Access with Paid Prioritization: A Game Theoretic Approach for Unlicensed LTE,” Heterogeneous Networking for Quality, Reliability, Security and Robustness (QSHINE), 2015 11th International Conference on, Taipei, 2015, pp. 346-351. doi: (not provided)

Abstract: The network congestion is caused by the rapidly growing data traffic and the limited wireless radio resources. In addition to the licensed spectrum, the access to unlicensed spectrum (e.g., LAA) brings hope for the service provider (SP) to mitigate the deficiency of radio resources. The premium peering deal with the content providers (CPs) can be an approach to efficiently allocate the scarce radio resources to the CPs with higher traffic load and QoS requirement. This work contributes to a content premium pricing framework for one SP and several CPs, where the SP possesses both LTE and LAA. Through the four-stage Stackelberg game, job market signaling game and second price auction, we derive the optimal bandwidth demand of each CP, the optimal amounts of licensed bandwidth and unlicensed bandwidth required by the SP, the premium access fee and basic access fee. Analysis shows that the CPs and the SP all benefit from the premium access deal. Furthermore, there is a tradeoff between improvement and variability of the SP's profit when introducing LAA.

Keywords: Long Term Evolution; game theory; quality of service; telecommunication traffic; CP; QoS requirement; SP; basic access fee; content providers; data traffic; game theoretic approach; licensed spectrum; network congestion; optimal bandwidth demand; paid prioritization; premium access; radio resources; service provider; tiered licensed assisted access; traffic load; unlicensed LTE; wireless radio resources; Barium; Chlorine; Games; Indium tin oxide; Reliability; Signal to noise ratio (ID#: 16-11110)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7332593&isnumber=7332527

 

Z. Xu and Q. Zhu, “A Cyber-Physical Game Framework for Secure and Resilient Multi-Agent Autonomous Systems,” 2015 54th IEEE Conference on Decision and Control (CDC), Osaka, 2015, pp. 5156-5161. doi: 10.1109/CDC.2015.7403026

Abstract: The increasing integration of autonomous systems with publicly available networks exposes them to cyber attackers. An adversary can launch a man-in-the-middle attack to gain control of the system and inflict maximum damages with collision and suicidal attacks. To address this issue, this work establishes an integrative game and control framework to incorporate security into the automatic designs, and take into account the cyber-physical nature and the real-time requirements of the system. We establish a cyber-physical signaling game to develop an impact-aware cyber defense mechanism and leverage model-predictive control methods to design cyber-aware control strategies. The integrative framework enables the co-design of cyber-physical systems to minimize the inflicted systems, leading to online updating the cyber defense and physical layer control decisions. We use unmanned aerial vehicles (UAVs) to illustrate the algorithm, and corroborate the analytical results in two case studies.

Keywords: autonomous aerial vehicles; game theory; multi-agent systems; predictive control; UAV; autonomous systems; cyber-aware control strategies; cyber-physical game framework; impact-aware cyber defense mechanism; integrated game-theoretic framework; integrative game and control framework; man-in-the-middle attack; model-predictive control methods; multi-agent autonomous systems; suicidal attacks; unmanned aerial vehicles; Control systems; Games; Physical layer; Predictive control; Real-time systems; Receivers; Security (ID#: 16-11111)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7403026&isnumber=7402066

 

L. Maghrabi and E. Pfluegel, “Moving Assets to the Cloud: A Game Theoretic Approach Based on Trust,” Cyber Situational Awareness, Data Analytics and Assessment (CyberSA), 2015 International Conference on, London, 2015, pp. 1-5. doi: 10.1109/CyberSA.2015.7166120

Abstract: Increasingly, organisations and individuals are relying on external parties to store, maintain and protect their critical assets. The use of public clouds is commonly considered advantageous in terms of flexibility, scalability and cost effectiveness. On the other hand, the security aspects are complex and many resulting challenges remain unresolved. In particular, one cannot rule out the existence of internal attacks carried out by a malicious cloud provider. In this paper, we use game theory in order to aid assessing the risk involved in moving critical assets of an IT system to a public cloud. Adopting a user perspective, we model benefits and costs that arise due to attacks on the user's asset, exploiting vulnerabilities on either the user's system or the cloud. A novel aspect of our approach is the use of the trust that the user may have in the cloud provider as an explicit parameter T in the model. For some specific values of T, we show the existence of a pure Nash equilibrium and compute a mixed equilibrium corresponding to an example scenario.

Keywords: cloud computing; critical infrastructures; data protection; game theory; trusted computing; IT system; Nash equilibrium; critical asset protection; Cloud computing; Computational modeling; Games; Nash equilibrium; Risk management; Security (ID#: 16-11112)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7166120&isnumber=7166109

 

---

Note:

Articles listed on these pages have been found on publicly available internet pages and are cited with links to those pages. Some of the information included herein has been reprinted with permission from the authors or data repositories. Direct any requests via Email to news@scienceofsecurity.net for removal of the links or modifications to specific citations. Please include the ID# of the specific citation in your correspondence.

---