A Dynamic Game Approach to Strategic Design of Secure and Resilient Infrastructure Network

Infrastructure networks are vulnerable to both cyber and physical attacks. Building a secure and resilient networked system is essential for providing reliable and dependable services. To this end, we establish a two-player three-stage game framework to capture the dynamics in the infrastructure protection and recovery phases. Specifically, the goal of the infrastructure network designer is to keep the network connected before and after the attack, while the adversary aims to disconnect the network by compromising a set of links. With costs for creating and removing links, the two players aim to maximize their utilities while minimizing the costs. In this paper, we use the concept of subgame perfect equilibrium (SPE) to characterize the optimal strategies of the network defender and attacker. We derive the SPE explicitly in terms of system parameters. We further investigate the resilience planning of the defender and the strategic timing of attack of the adversary. Finally, we use case studies of UAV-enabled communication networks for disaster recovery to corroborate the obtained analytical results.

[1]  Enrico Zio,et al.  Resilience-Based Component Importance Measures for Critical Infrastructure Network Systems , 2016, IEEE Transactions on Reliability.

[2]  Athanasios V. Vasilakos,et al.  Differential Game-Based Strategies for Preventing Malware Propagation in Wireless Sensor Networks , 2014, IEEE Transactions on Information Forensics and Security.

[3]  A. Robert Calderbank,et al.  The Effect of Eavesdroppers on Network Connectivity: A Secrecy Graph Approach , 2011, IEEE Transactions on Information Forensics and Security.

[4]  Tansu Alpcan,et al.  Network Security , 2010 .

[5]  D. Newth,et al.  Optimizing complex networks for resilience against cascading failure , 2007 .

[6]  S. Goyal,et al.  Attack, Defence, and Contagion in Networks , 2014 .

[7]  Mohammed Saeed Al-kahtani,et al.  Survey on security attacks in Vehicular Ad hoc Networks (VANETs) , 2012, 2012 6th International Conference on Signal Processing and Communication Systems.

[8]  Wei Li,et al.  Cascading Failures in Interdependent Lattice Networks: The Critical Role of the Length of Dependency Links , 2012, Physical review letters.

[9]  Quanyan Zhu,et al.  A Dynamic Game Analysis and Design of Infrastructure Network Protection and Recovery: 125 , 2017, PERV.

[10]  Quanyan Zhu,et al.  Resilient and decentralized control of multi-level cooperative mobile networks to maintain connectivity under adversarial environment , 2015, 2016 IEEE 55th Conference on Decision and Control (CDC).

[11]  Jie Li,et al.  Resilience of Routing in Parallel Link Networks , 2016, GameSec.

[12]  Massimo Marchiori,et al.  Model for cascading failures in complex networks. , 2004, Physical review. E, Statistical, nonlinear, and soft matter physics.

[13]  Gerald G. Brown,et al.  Defending Critical Infrastructure , 2006, Interfaces.

[14]  F. Harary THE MAXIMUM CONNECTIVITY OF A GRAPH. , 1962, Proceedings of the National Academy of Sciences of the United States of America.

[15]  Quanyan Zhu,et al.  Hybrid Learning in Stochastic Games and Its Application in Network Security , 2013 .

[16]  Quanyan Zhu,et al.  A Large-Scale Markov Game Approach to Dynamic Protection of Interdependent Infrastructure Networks , 2017, GameSec.

[17]  Quanyan Zhu,et al.  iSTRICT: An Interdependent Strategic Trust Mechanism for the Cloud-Enabled Internet of Controlled Things , 2018, IEEE Transactions on Information Forensics and Security.

[18]  Quanyan Zhu,et al.  Heterogeneous Multi-Layer Adversarial Network Design for the IoT-Enabled Infrastructures , 2017, GLOBECOM 2017 - 2017 IEEE Global Communications Conference.

[19]  Liang Zhang,et al.  Attack vulnerability of scale-free networks due to cascading failures , 2008 .

[20]  Walid Saad,et al.  Colonel Blotto Game for Secure State Estimation in Interdependent Critical Infrastructure , 2017, ArXiv.

[21]  Jun Zhao,et al.  On Resilience and Connectivity of Secure Wireless Sensor Networks Under Node Capture Attacks , 2017, IEEE Transactions on Information Forensics and Security.

[22]  Corinne Touati,et al.  Optimal Design and Defense of Networks Under Link Attacks , 2017 .

[23]  Marcin Dziubinski,et al.  Network Design and Defence , 2012, Games Econ. Behav..

[24]  Quanyan Zhu,et al.  Interdependent Strategic Security Risk Management With Bounded Rationality in the Internet of Things , 2019, IEEE Transactions on Information Forensics and Security.

[25]  Zhu Han,et al.  Joint Relay and Jammer Selection for Secure Two-Way Relay Networks , 2012, IEEE Trans. Inf. Forensics Secur..

[26]  Quanyan Zhu,et al.  Interdependent network formation games with an application to critical infrastructures , 2016, 2016 American Control Conference (ACC).

[27]  Quanyan Zhu,et al.  Optimal Secure Two-Layer IoT Network Design , 2017, IEEE Transactions on Control of Network Systems.

[28]  Quanyan Zhu,et al.  A dynamic game-theoretic approach to resilient control system design for cascading failures , 2012, HiCoNS '12.

[29]  G. Manimaran,et al.  Cybersecurity for Critical Infrastructures: Attack and Defense Modeling , 2010, IEEE Transactions on Systems, Man, and Cybernetics - Part A: Systems and Humans.

[30]  T. Lewis Critical Infrastructure Protection in Homeland Security: Defending a Networked Nation , 2006 .

[31]  Kenneth A. Loparo,et al.  Cascading Failure Attacks in the Power System: A Stochastic Game Perspective , 2017, IEEE Internet of Things Journal.

[32]  Sanjeev Goyal,et al.  A Noncooperative Model of Network Formation , 2000 .

[33]  Norman Biggs Algebraic Graph Theory: The tree-number , 1974 .

[34]  Quanyan Zhu,et al.  Deceptive Routing in Relay Networks , 2012, GameSec.

[35]  Quanyan Zhu,et al.  Game-Theoretic Methods for Robustness, Security, and Resilience of Cyberphysical Control Systems: Games-in-Games Principle for Optimal Cross-Layer Resilient Control Systems , 2015, IEEE Control Systems.

[36]  Srikanth V. Krishnamurthy,et al.  Denial of Service Attacks in Wireless Networks: The Case of Jammers , 2011, IEEE Communications Surveys & Tutorials.

[37]  Quanyan Zhu,et al.  Security as a Service for Cloud-Enabled Internet of Controlled Things Under Advanced Persistent Threats: A Contract Design Approach , 2017, IEEE Transactions on Information Forensics and Security.

[38]  Quanyan Zhu,et al.  Robust and resilient control design for cyber-physical systems with an application to power systems , 2011, IEEE Conference on Decision and Control and European Control Conference.

[39]  Leonardo Dueñas-Osorio,et al.  Cascading failures in complex infrastructure systems , 2009 .

[40]  Gurkan Tuna,et al.  Unmanned aerial vehicle-aided communications system for disaster recovery , 2014, J. Netw. Comput. Appl..

[41]  Bernhard Plattner,et al.  Network resilience: a systematic approach , 2011, IEEE Communications Magazine.