Towards an Iterated Game Model with Multiple Adversaries in Smart-World Systems †

Diverse and varied cyber-attacks challenge the operation of the smart-world system that is supported by Internet-of-Things (IoT) (smart cities, smart grid, smart transportation, etc.) and must be carefully and thoughtfully addressed before widespread adoption of the smart-world system can be fully realized. Although a number of research efforts have been devoted to defending against these threats, a majority of existing schemes focus on the development of a specific defensive strategy to deal with specific, often singular threats. In this paper, we address the issue of coalitional attacks, which can be launched by multiple adversaries cooperatively against the smart-world system such as smart cities. Particularly, we propose a game-theory based model to capture the interaction among multiple adversaries, and quantify the capacity of the defender based on the extended Iterated Public Goods Game (IPGG) model. In the formalized game model, in each round of the attack, a participant can either cooperate by participating in the coalitional attack, or defect by standing aside. In our work, we consider the generic defensive strategy that has a probability to detect the coalitional attack. When the coalitional attack is detected, all participating adversaries are penalized. The expected payoff of each participant is derived through the equalizer strategy that provides participants with competitive benefits. The multiple adversaries with the collusive strategy are also considered. Via a combination of theoretical analysis and experimentation, our results show that no matter which strategies the adversaries choose (random strategy, win-stay-lose-shift strategy, or even the adaptive equalizer strategy), our formalized game model is capable of enabling the defender to greatly reduce the maximum value of the expected average payoff to the adversaries via provisioning sufficient defensive resources, which is reflected by setting a proper penalty factor against the adversaries. In addition, we extend our game model and analyze the extortion strategy, which can enable one participant to obtain more payoff by extorting his/her opponents. The evaluation results show that the defender can combat this strategy by encouraging competition among the adversaries, and significantly suppress the total payoff of the adversaries via setting the proper penalty factor.

[1]  Jochem Marotzke,et al.  The collective-risk social dilemma and the prevention of simulated dangerous climate change , 2008, Proceedings of the National Academy of Sciences.

[2]  Xinyu Yang,et al.  Data integrity attacks against the distributed real-time pricing in the smart grid , 2016, 2016 IEEE 35th International Performance Computing and Communications Conference (IPCCC).

[3]  Ragib Hasan,et al.  Towards an Analysis of Security Issues, Challenges, and Open Problems in the Internet of Things , 2015, 2015 IEEE World Congress on Services.

[4]  Robert Green,et al.  Communication security in internet of thing: preventive measure and avoid DDoS attack over IoT network , 2015, SpringSim.

[5]  Quanyan Zhu,et al.  Dependable Demand Response Management in the Smart Grid: A Stackelberg Game Approach , 2013, IEEE Transactions on Smart Grid.

[6]  David K. Y. Yau,et al.  A game theoretic study of attack and defense in cyber-physical systems , 2011, 2011 IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS).

[7]  Sajal K. Das,et al.  Maintaining Defender's Reputation in Anomaly Detection Against Insider Attacks , 2010, IEEE Transactions on Systems, Man, and Cybernetics, Part B (Cybernetics).

[8]  Peng Ning,et al.  Zero-determinant Strategies for Multi-player Multi-action Iterated Games , 2016, IEEE Signal Processing Letters.

[9]  Xinyu Yang,et al.  On Optimal PMU Placement-Based Defense Against Data Integrity Attacks in Smart Grid , 2017, IEEE Transactions on Information Forensics and Security.

[10]  Ilangko Balasingham,et al.  Risk-based adaptive security for smart IoT in eHealth , 2012, BODYNETS.

[11]  Xinyu Yang,et al.  On data integrity attacks against optimal power flow in power grid systems , 2017, 2017 14th IEEE Annual Consumer Communications & Networking Conference (CCNC).

[12]  Xinyu Yang,et al.  On false data injection attack against Multistep Electricity Price in electricity market in smart grid , 2013, 2013 IEEE Global Communications Conference (GLOBECOM).

[13]  Muhammad Waseem,et al.  A Critical Analysis on the Security Concerns of Internet of Things (IoT) , 2015 .

[14]  Jin-Li Guo,et al.  Zero-determinant strategies in iterated multi-strategy games , 2014, ArXiv.

[15]  Göran N Ericsson,et al.  Cyber Security and Power System Communication—Essential Parts of a Smart Grid Infrastructure , 2010, IEEE Transactions on Power Delivery.

[16]  Deepa Kundur,et al.  A Game-Theoretic Analysis of Cyber Switching Attacks and Mitigation in Smart Grid Systems , 2016, IEEE Transactions on Smart Grid.

[17]  Rong Zheng,et al.  Detecting Stealthy False Data Injection Using Machine Learning in Smart Grid , 2017, IEEE Systems Journal.

[18]  Zhu Han,et al.  Zero-Determinant Strategy for Resource Sharing in Wireless Cooperations , 2016, IEEE Transactions on Wireless Communications.

[19]  Stefan Rass,et al.  Decision and Game Theory for Security , 2017, Lecture Notes in Computer Science.

[20]  Levente Buttyán,et al.  A Survey of Interdependent Information Security Games , 2014, ACM Comput. Surv..

[21]  Wei Yu,et al.  On false data injection attacks against Kalman filtering in power system dynamic state estimation , 2016, Secur. Commun. Networks.

[22]  Xinyu Yang,et al.  On False Data Injection Attacks against Distributed Energy Routing in Smart Grid , 2012, 2012 IEEE/ACM Third International Conference on Cyber-Physical Systems.

[23]  W. Press,et al.  Iterated Prisoner’s Dilemma contains strategies that dominate any evolutionary opponent , 2012, Proceedings of the National Academy of Sciences.

[24]  Nada Golmie,et al.  NIST Framework and Roadmap for Smart Grid Interoperability Standards, Release 1.0 , 2010 .

[25]  Nan Zhang,et al.  On data integrity attacks against route guidance in transportation-based cyber-physical systems , 2017, 2017 14th IEEE Annual Consumer Communications & Networking Conference (CCNC).

[26]  Adi Shamir,et al.  Extended Functionality Attacks on IoT Devices: The Case of Smart Lights , 2016, 2016 IEEE European Symposium on Security and Privacy (EuroS&P).

[27]  Nada Golmie,et al.  NIST Framework and Roadmap for Smart Grid Interoperability Standards, Release 2.0 , 2012 .

[28]  Quanyan Zhu,et al.  Game theory meets network security and privacy , 2013, CSUR.

[29]  Dong Hao,et al.  Zero-determinant strategy: An underway revolution in game theory , 2014 .

[30]  George Kesidis,et al.  Zero-Determinant Strategies: A Game-Theoretic Approach for Sharing Licensed Spectrum Bands , 2014, IEEE Journal on Selected Areas in Communications.

[31]  Fei Hu,et al.  Combating False Data Injection Attacks in Smart Grid using Kalman Filter , 2014, 2014 International Conference on Computing, Networking and Communications (ICNC).

[32]  H. Vincent Poor,et al.  Mobile offloading game against smart attacks , 2016, 2016 IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS).

[33]  Yue Li,et al.  Design of a Key Establishment Protocol for Smart Home Energy Management System , 2013, 2013 Fifth International Conference on Computational Intelligence, Communication Systems and Networks.

[34]  Dong Hao,et al.  Zero-Determinant Strategies in Iterated Public Goods Game , 2014, Scientific Reports.

[35]  Xinyu Yang,et al.  A Real-Time En-Route Route Guidance Decision Scheme for Transportation-Based Cyberphysical Systems , 2017, IEEE Transactions on Vehicular Technology.

[36]  Xinyu Yang,et al.  A Game-Theoretic Model on Coalitional Attacks in Smart Grid , 2016, 2016 IEEE Trustcom/BigDataSE/ISPA.

[37]  Xinyu Yang,et al.  Defending against Energy Dispatching Data integrity attacks in smart grid , 2015, 2015 IEEE 34th International Performance Computing and Communications Conference (IPCCC).

[38]  Peng Ning,et al.  False data injection attacks against state estimation in electric power grids , 2009, CCS.

[39]  N. Christakis,et al.  Social Networks and Cooperation in Hunter-Gatherers , 2011, Nature.

[40]  Xinwen Fu,et al.  Self-Disciplinary Worms and Countermeasures: Modeling and Analysis , 2010, IEEE Transactions on Parallel and Distributed Systems.

[41]  Bart J. Wilson,et al.  Controlling market power and price spikes in electricity networks: Demand-side bidding , 2003, Proceedings of the National Academy of Sciences of the United States of America.

[42]  John A. Stankovic,et al.  Research Directions for the Internet of Things , 2014, IEEE Internet of Things Journal.

[43]  Sajal K. Das,et al.  gPath: A Game-Theoretic Path Selection Algorithm to Protect Tor's Anonymity , 2010, GameSec.

[44]  K. J. Ray Liu,et al.  Indirect Reciprocity Security Game for Large-Scale Wireless Networks , 2012, IEEE Transactions on Information Forensics and Security.

[45]  Bruno Sinopoli,et al.  Integrity Data Attacks in Power Market Operations , 2011, IEEE Transactions on Smart Grid.

[46]  Eizo Akiyama,et al.  Evolution of Cooperation, Differentiation, Complexity, and Diversity in an Iterated Three-Person Game , 1995, Artificial Life.

[47]  Grant Hernandez,et al.  Smart Nest Thermostat A Smart Spy in Your Home , 2014 .

[48]  Xinyu Yang,et al.  Toward a Gaussian-Mixture Model-Based Detection Scheme Against Data Integrity Attacks in the Smart Grid , 2017, IEEE Internet Things J..

[49]  Wei Yu,et al.  On False Data-Injection Attacks against Power System State Estimation: Modeling and Countermeasures , 2014, IEEE Transactions on Parallel and Distributed Systems.

[50]  Russell Bent,et al.  Cyber-Physical Security: A Game Theory Model of Humans Interacting Over Control Systems , 2013, IEEE Transactions on Smart Grid.

[51]  Roksana Boreli,et al.  Network-level security and privacy control for smart-home IoT devices , 2015, 2015 IEEE 11th International Conference on Wireless and Mobile Computing, Networking and Communications (WiMob).

[52]  Martin A. Nowak,et al.  Evolutionary performance of zero-determinant strategies in multiplayer games , 2015, Journal of theoretical biology.

[53]  Shouhuai Xu,et al.  Optimizing Active Cyber Defense , 2013, GameSec.

[54]  Andreas Jacobsson,et al.  A risk analysis of a smart home automation system , 2016, Future Gener. Comput. Syst..

[55]  Jiankun Hu,et al.  A Survey of Game Theoretic Approaches to Modelling Decision-Making in Information Warfare Scenarios , 2016, Future Internet.

[56]  Xinyu Yang,et al.  Towards Multistep Electricity Prices in Smart Grid Electricity Markets , 2016, IEEE Transactions on Parallel and Distributed Systems.

[57]  Heejo Lee,et al.  This article has been accepted for inclusion in a future issue of this journal. Content is final as presented, with the exception of pagination. INVITED PAPER Cyber–Physical Security of a Smart Grid Infrastructure , 2022 .

[58]  Xinyu Yang,et al.  Toward Data Integrity Attacks Against Optimal Power Flow in Smart Grid , 2017, IEEE Internet of Things Journal.

[59]  Vladimir Marbukh,et al.  A Game-Theoretic Framework for Network Security Vulnerability Assessment and Mitigation , 2012, GameSec.

[60]  Quanyan Zhu,et al.  A dynamic game-theoretic approach to resilient control system design for cascading failures , 2012, HiCoNS '12.

[61]  M. Nowak,et al.  A strategy of win-stay, lose-shift that outperforms tit-for-tat in the Prisoner's Dilemma game , 1993, Nature.

[62]  Xinyu Yang,et al.  A Survey on Internet of Things: Architecture, Enabling Technologies, Security and Privacy, and Applications , 2017, IEEE Internet of Things Journal.

[63]  Quanyan Zhu,et al.  Game-Theoretic Methods for Robustness, Security, and Resilience of Cyberphysical Control Systems: Games-in-Games Principle for Optimal Cross-Layer Resilient Control Systems , 2015, IEEE Control Systems.

[64]  Aditya Ashok,et al.  Cyber-physical risk modeling and mitigation for the smart grid using a game-theoretic approach , 2015, 2015 IEEE Power & Energy Society Innovative Smart Grid Technologies Conference (ISGT).

[65]  Walid Saad,et al.  Game-Theoretic Methods for the Smart Grid: An Overview of Microgrid Systems, Demand-Side Management, and Smart Grid Communications , 2012, IEEE Signal Processing Magazine.

[66]  Zhu Han,et al.  Bad Data Injection Attack and Defense in Electricity Market Using Game Theory Study , 2012, IEEE Transactions on Smart Grid.

[67]  G. Hardin,et al.  The Tragedy of the Commons , 1968, Green Planet Blues.

[68]  Nada Golmie,et al.  An integrated detection system against false data injection attacks in the Smart Grid , 2015, Secur. Commun. Networks.

[69]  Xinyu Yang,et al.  A Survey on the Edge Computing for the Internet of Things , 2018, IEEE Access.

[70]  Saurabh Amin,et al.  In quest of benchmarking security risks to cyber-physical systems , 2013, IEEE Network.

[71]  Edmond Jonckheere,et al.  Statistical structure learning of smart grid for detection of false data injection , 2013, 2013 IEEE Power & Energy Society General Meeting.