On Multi-Phase and Multi-Stage Game-Theoretic Modeling of Advanced Persistent Threats

Advanced persistent threats (APTs) are a significant security threat today. Despite their diversity in nature and detail, these attacks follow a common skeleton and sequence of phases, which admits a game-theoretic description and analysis. This paper describes a general framework that divides a generic APT into three major temporal phases, fits an individual game model to each phase, and connects the games at the transition points between the phases (which correspond to the "milestones" an attacker reaches while carrying out an APT). The theoretical description is derived from a running example. The benefit of this game-theoretic perspective is at least threefold: it 1) systematizes the threat and the respective mitigation actions (by turning them into pure strategies for the gameplay); 2) yields optimized actions for defense and attack, where the attacker's optimal actions can be read as a (non-unique) indication of the most sensitive points of the defended system; and 3) yields quantitative measures of resilience against an APT, in terms that a security officer can define freely. We illustrate the approach with a numerical example.
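To make the three-phase structure concrete, the following Python script is an added illustration written for this page, not code from the paper: it models each phase as a zero-sum matrix game between defender (rows) and attacker (columns), solves each game by fictitious play (Robinson's iterative method for matrix games), and multiplies the phase values into an end-to-end success probability for the attacker. The phase names, strategy names, payoff matrices, the independence of the phases, and the choice of one minus the end-to-end success probability as the resilience score are all constructed assumptions of this example and are not taken from the paper.

```python
"""Chaining per-phase zero-sum games into an end-to-end APT resilience score.

Added example, not code from the paper.  Each APT phase is a zero-sum
matrix game: rows are defender pure strategies, columns attacker pure
strategies, and each entry is the (constructed) probability that the
attacker reaches the phase's milestone under that strategy pair.  The
defender minimizes, the attacker maximizes.  Each phase is solved by
fictitious play, and the phase values are multiplied (assuming the phases
are independent, a simplification of this example) to give the attacker's
end-to-end success probability; its complement is the resilience score.
All strategy names and payoff numbers are made up for illustration.
"""
from typing import Dict, List, Optional, Tuple

Matrix = List[List[float]]

# Constructed per-phase games.  The second phase includes a dominated
# defender option ("no_action") to show that the solver handles non-square
# games and that fictitious play never picks a dominated strategy.
PHASES: Dict[str, dict] = {
    "initial_access": {
        "defender": ["awareness_training", "mail_filtering"],
        "attacker": ["spear_phishing", "watering_hole"],
        "payoff": [[0.2, 0.7],
                   [0.6, 0.3]],
    },
    "lateral_movement": {
        "defender": ["network_segmentation", "credential_rotation", "no_action"],
        "attacker": ["pass_the_hash", "exploit_service"],
        "payoff": [[0.5, 0.3],
                   [0.2, 0.8],
                   [0.9, 0.9]],
    },
    "target_exploitation": {
        "defender": ["process_watermarking", "manual_override"],
        "attacker": ["sensor_spoofing", "actuator_tampering"],
        "payoff": [[0.1, 0.6],
                   [0.5, 0.2]],
    },
}


def pure_saddle(A: Matrix) -> Optional[Tuple[int, int, float]]:
    """Return (row, col, value) if the game has a pure-strategy saddle point.

    A saddle point exists when the minimizer's best guarantee (min over rows
    of the row maximum) equals the maximizer's (max over columns of the
    column minimum).  Then neither side needs to randomize.
    """
    row_max = [max(r) for r in A]
    col_min = [min(A[i][j] for i in range(len(A))) for j in range(len(A[0]))]
    i = min(range(len(A)), key=lambda r: row_max[r])
    j = max(range(len(A[0])), key=lambda c: col_min[c])
    if row_max[i] == col_min[j]:
        return i, j, row_max[i]
    return None


def fictitious_play(A: Matrix, iterations: int = 50_000) -> Tuple[List[float], List[float], float, float]:
    """Solve a zero-sum matrix game by fictitious play.

    Each round both players best-respond to the opponent's empirical mix so
    far.  Returns (defender_mix, attacker_mix, lower, upper), where
    lower <= game value <= upper holds at every iteration count: `upper` is
    what the defender's empirical mix concedes against the attacker's best
    pure reply, `lower` what the attacker's empirical mix secures against
    the defender's best pure reply.  The gap shrinks with more iterations.
    """
    m, n = len(A), len(A[0])
    row_counts, col_counts = [0] * m, [0] * n
    row_sum = [0.0] * m   # cumulative payoff of each row against attacker history
    col_sum = [0.0] * n   # cumulative payoff of each column against defender history
    i = 0                 # defender opens with its first option
    for _ in range(iterations):
        row_counts[i] += 1
        for j in range(n):
            col_sum[j] += A[i][j]
        j = max(range(n), key=lambda c: col_sum[c])   # attacker maximizes
        col_counts[j] += 1
        for r in range(m):
            row_sum[r] += A[r][j]
        i = min(range(m), key=lambda r: row_sum[r])   # defender minimizes
    x = [c / iterations for c in row_counts]
    y = [c / iterations for c in col_counts]
    upper = max(sum(x[r] * A[r][c] for r in range(m)) for c in range(n))
    lower = min(sum(A[r][c] * y[c] for c in range(n)) for r in range(m))
    return x, y, lower, upper


def chain_phases(phases: Dict[str, dict], iterations: int = 50_000) -> dict:
    """Solve each phase game and chain the milestone-pass probabilities.

    The attacker must pass every milestone, so under the independence
    assumption of this example the end-to-end success probability is the
    product of the phase values.  Resilience is reported conservatively
    from the upper bounds.
    """
    report = {"phases": {}, "success_lower": 1.0, "success_upper": 1.0}
    for name, game in phases.items():
        A = game["payoff"]
        x, y, lo, hi = fictitious_play(A, iterations)
        report["phases"][name] = {
            "saddle": pure_saddle(A),
            "defender_mix": dict(zip(game["defender"], x)),
            "attacker_mix": dict(zip(game["attacker"], y)),
            "value_bounds": (lo, hi),
        }
        report["success_lower"] *= lo
        report["success_upper"] *= hi
    report["resilience"] = 1.0 - report["success_upper"]
    return report


if __name__ == "__main__":
    rep = chain_phases(PHASES)
    for name, r in rep["phases"].items():
        lo, hi = r["value_bounds"]
        print(f"{name}: value in [{lo:.3f}, {hi:.3f}], saddle={r['saddle']}")
        print("  defender mix:", {k: round(v, 3) for k, v in r["defender_mix"].items()})
    print(f"attacker end-to-end success <= {rep['success_upper']:.4f}, "
          f"resilience >= {rep['resilience']:.4f}")
```

The per-phase defender mix is the "optimized defense action" of the abstract, the attacker mix points at the strategies the defender should expect most, and the product of the phase values is one possible resilience figure. Two checks a practitioner should keep: `pure_saddle` tells whether randomizing is needed at all, and the `[lower, upper]` bracket always contains the true game value, so a wide gap means more iterations (or an exact LP solver) are needed before the numbers are trusted.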
