Strategic Trust in Cloud-Enabled Cyber-Physical Systems With an Application to Glucose Control

Advances in computation, sensing, and networking have led to interest in the Internet of Things (IoT) and cyber-physical systems (CPS). Developments concerning the IoT and CPS will improve critical infrastructure, vehicle networks, and personal health products. Unfortunately, these systems are vulnerable to attack. Advanced persistent threats (APTs) are a class of long-term attacks in which well-resourced adversaries infiltrate a network and use obfuscation to remain undetected. In a CPS under APTs, each device must decide whether to trust other components that may be compromised. In this paper, we propose a concept of trust (strategic trust) that uses game theory to capture the adversarial and strategic nature of CPS security. Specifically, we model an interaction between the administrator of a cloud service, an attacker, and a device that decides whether to trust signals from the vulnerable cloud. Our framework consists of a simultaneous signaling game and the FlipIt game. The equilibrium outcome in the signaling game determines the incentives in the FlipIt game. In turn, the equilibrium outcome in the FlipIt game determines the prior probabilities in the signaling game. The Gestalt Nash equilibrium (GNE) characterizes the steady state of the overall macro-game. The novel contributions of this paper include proofs of the existence, uniqueness, and stability of the GNE. We also apply GNEs to strategically design a trust mechanism for a cloud-assisted insulin pump. Without requiring the use of historical data, the GNE obtains a risk threshold beyond which the pump should not trust messages from the cloud. Our framework contributes to a modeling paradigm called games-of-games.

[1]  Quanyan Zhu,et al.  Optimal Contract Design Under Asymmetric Information for Cloud-Enabled Internet of Controlled Things , 2016, GameSec.

[2]  Aesha Drozdowski,et al.  Standards of medical care in diabetes. , 2004, Diabetes care.

[3]  J. Initiative SP 800-39. Managing Information Security Risk: Organization, Mission, and Information System View , 2011 .

[4]  Peng Ning,et al.  False data injection attacks against state estimation in electric power grids , 2011, TSEC.

[5]  Marimuthu Palaniswami,et al.  An Information Framework for Creating a Smart City Through Internet of Things , 2014, IEEE Internet of Things Journal.

[6]  Radha Poovendran,et al.  AMOEBA: Robust Location Privacy Scheme for VANET , 2007, IEEE Journal on Selected Areas in Communications.

[7]  Helen Gill,et al.  Cyber-Physical Systems , 2019, 2019 IEEE International Conference on Mechatronics (ICM).

[8]  Stephanie Stuck,et al.  Eric M. Uslaner: The moral foundations of trust , 2004 .

[9]  Ronald L. Rivest,et al.  FlipIt: The Game of “Stealthy Takeover” , 2012, Journal of Cryptology.

[10]  B. J. Fogg,et al.  The elements of computer credibility , 1999, CHI '99.

[11]  Quanyan Zhu,et al.  Flip the Cloud: Cyber-Physical Signaling Games in the Presence of Advanced Persistent Threats , 2015, GameSec.

[12]  E. Kraegen,et al.  Insulin responses to varying profiles of subcutaneous insulin infusion: kinetic modelling studies , 1984, Diabetologia.

[13]  MS Ibbini,et al.  A semiclosed-loop optimal control system for blood glucose level in diabetics , 2004, Journal of medical engineering & technology.

[14]  Quanyan Zhu,et al.  Deception by Design: Evidence-Based Signaling Games for Network Defense , 2015, WEIS.

[15]  Bo An,et al.  PROTECT: a deployed game theoretic system to protect the ports of the United States , 2012, AAMAS.

[16]  Tharam S. Dillon,et al.  Cloud Computing: Issues and Challenges , 2010, 2010 24th IEEE International Conference on Advanced Information Networking and Applications.

[17]  Jonathan M. Spring,et al.  Cyber Security via Signaling Games: Toward a Science of Cyber Security , 2014, ICDCIT.

[18]  H. Vincent Poor,et al.  Cloud Storage Defense Against Advanced Persistent Threats: A Prospect Theoretic Study , 2017, IEEE Journal on Selected Areas in Communications.

[19]  Ariel Rubinstein,et al.  A Course in Game Theory , 1995 .

[20]  David M. Kreps,et al.  Signaling Games and Stable Equilibria , 1987 .

[21]  Ben Shneiderman,et al.  Designing trust into online experiences , 2000, CACM.

[22]  Sarvapali D. Ramchurn,et al.  Trust in multi-agent systems , 2004, The Knowledge Engineering Review.

[23]  Quanyan Zhu,et al.  Cross-layer secure cyber-physical control system design for networked 3D printers , 2016, 2016 American Control Conference (ACC).

[24]  T. Basar,et al.  A game theoretic approach to decision and analysis in network intrusion detection , 2003, 42nd IEEE International Conference on Decision and Control (IEEE Cat. No.03CH37475).

[25]  J. Nash Equilibrium Points in N-Person Games. , 1950, Proceedings of the National Academy of Sciences of the United States of America.

[26]  R. Bergman,et al.  Physiologic evaluation of factors controlling glucose tolerance in man: measurement of insulin sensitivity and beta-cell glucose sensitivity from the response to intravenous glucose. , 1981, The Journal of clinical investigation.

[27]  Melanie Swan,et al.  Sensor Mania! The Internet of Things, Wearable Computing, Objective Metrics, and the Quantified Self 2.0 , 2012, J. Sens. Actuator Networks.

[28]  Colin Tankard,et al.  Advanced Persistent threats and how to monitor and deter them , 2011, Netw. Secur..

[29]  M. Hoagland,et al.  Feedback Systems An Introduction for Scientists and Engineers SECOND EDITION , 2015 .

[30]  Tamer Basar,et al.  With the Capacity 0.461(bits) and the Optimal Opd Being 'q = , 1998 .

[31]  Ping Chen,et al.  A Study on Advanced Persistent Threats , 2014, Communications and Multimedia Security.

[32]  F. Wolf Standards of Medical Care in Diabetes—2014 , 2013, Diabetes Care.

[33]  Sarit Kraus,et al.  Deployed ARMOR protection: the application of a game theoretic model for security at the Los Angeles International Airport , 2008, AAMAS 2008.

[34]  S. Kakutani A generalization of Brouwer’s fixed point theorem , 1941 .

[35]  Antonio Iera,et al.  The Internet of Things: A survey , 2010, Comput. Networks.

[36]  Leyla Bilge,et al.  Before we knew it: an empirical study of zero-day attacks in the real world , 2012, CCS.

[37]  Jie Zhang,et al.  A Multifaceted Approach to Modeling Agent Trust for Effective Communication in the Application of Mobile Ad Hoc Vehicular Networks , 2011, IEEE Transactions on Systems, Man, and Cybernetics, Part C (Applications and Reviews).

[38]  Sangkyum Kim,et al.  Tru-Alarm: Trustworthiness Analysis of Sensor Networks in Cyber-Physical Systems , 2010, 2010 IEEE International Conference on Data Mining.

[39]  Ronald L. Rivest,et al.  Defending against the Unknown Enemy: Applying FlipIt to System Security , 2012, GameSec.

[40]  N. Clark,et al.  Standards of Medical Care in Diabetes: Response to Power , 2006 .

[41]  G V Gill,et al.  Impaired subcutaneous absorption of insulin in 'brittle' diabetics. , 1982, Acta endocrinologica.

[42]  Andrea Zanella,et al.  Padova Smart City: An urban Internet of Things experimentation , 2014, Proceeding of IEEE International Symposium on a World of Wireless, Mobile and Multimedia Networks 2014.

[43]  Rui Zhang,et al.  Secure and resilient distributed machine learning under adversarial environments , 2015, 2015 18th International Conference on Information Fusion (Fusion).

[44]  J. Shaw,et al.  Global estimates of diabetes prevalence for 2013 and projections for 2035. , 2014, Diabetes Research and Clinical Practice.