Game-Theoretic Approach to Feedback-Driven Multi-stage Moving Target Defense

The static nature of computer networks allows malicious attackers to easily gather useful information about the network using network scanning and packet sniffing. The employment of secure perimeter firewalls and intrusion detection systems cannot fully protect the network from sophisticated attacks. As an alternative to the expensive and imperfect detection of attacks, it is possible to improve network security by manipulating the attack surface of the network in order to create a moving target defense. In this paper, we introduce a proactive defense scheme that dynamically alters the attack surface of the network to make it difficult for attackers to gather system information, by increasing the network's complexity and reducing its signatures. We use concepts from the systems and control literature to design an optimal and efficient multi-stage defense mechanism based on a feedback information structure. Each change of the attack surface involves a reconfiguration cost and yields a utility gain resulting from risk reduction. We use information- and control-theoretic tools to provide closed-form optimal randomization strategies. The results are corroborated by a case study and several numerical examples.
