Detection and Mitigation of Attacks on Transportation Networks as a Multi-Stage Security Game

In recent years, state-of-the-art traffic-control devices have evolved from standalone hardware to networked smart devices. Smart traffic control enables operators to decrease traffic congestion and environmental impact by acquiring real-time traffic data and changing traffic signals from fixed to adaptive schedules. However, these capabilities have inadvertently exposed traffic control to a wide range of cyber-attacks, which adversaries can easily mount through wireless networks or even through the Internet. Indeed, recent studies have found that a large number of traffic signals that are deployed in practice suffer from exploitable vulnerabilities, which adversaries may use to take control of the devices. Thanks to the hardware-based failsafes that most devices employ, adversaries cannot cause traffic accidents directly by setting compromised signals to dangerous configurations. Nonetheless, an adversary could cause disastrous traffic congestion by changing the schedule of compromised traffic signals, thereby effectively crippling the transportation network. To provide theoretical foundations for the protection of transportation networks from these attacks, we introduce a game-theoretic model of launching, detecting, and mitigating attacks that tamper with traffic-signal schedules. We show that finding optimal strategies is a computationally challenging problem, and we propose efficient heuristic algorithms for finding near optimal strategies. We also introduce a Gaussian-process based anomaly detector, which can alert operators to ongoing attacks. Finally, we evaluate our algorithms and the proposed detector using numerical experiments based on the SUMO traffic simulator.

[1]  Saurabh Amin,et al.  Vulnerability of Transportation Networks to Traffic-Signal Tampering , 2016, 2016 ACM/IEEE 7th International Conference on Cyber-Physical Systems (ICCPS).

[2]  Ying Sun,et al.  Gaussian Processes for Short-Term Traffic Volume Forecasting , 2010 .

[3]  John K Kruschke,et al.  Bayesian data analysis. , 2010, Wiley interdisciplinary reviews. Cognitive science.

[4]  Carlos F. Daganzo,et al.  THE CELL TRANSMISSION MODEL.. , 1993 .

[5]  Michael G.H. Bell,et al.  A game theory approach to measuring the performance reliability of transport networks , 2000 .

[6]  Iain B. Collings,et al.  Location-aware cooperative spectrum sensing via Gaussian Processes , 2012, 2012 Australian Communications Theory Workshop (AusCTW).

[7]  Daniel Krajzewicz,et al.  SUMO - Simulation of Urban MObility An Overview , 2011 .

[8]  Yevgeniy Vorobeychik,et al.  Optimal Personalized Filtering Against Spear-Phishing Attacks , 2015, AAAI.

[9]  Quanyan Zhu,et al.  Indices of Power in Optimal IDS Default Configuration: Theory and Examples , 2011, GameSec.

[10]  Ling Shi,et al.  Jamming Attacks on Remote State Estimation in Cyber-Physical Systems: A Game-Theoretic Approach , 2015, IEEE Transactions on Automatic Control.

[11]  Gábor Horváth,et al.  FlipThem: Modeling Targeted Attacks with FlipIt for Multiple Resources , 2014, GameSec.

[12]  Russell Bent,et al.  Cyber-Physical Security: A Game Theory Model of Humans Interacting Over Control Systems , 2013, IEEE Transactions on Smart Grid.

[13]  Quanyan Zhu,et al.  Game-Theoretic Methods for Robustness, Security, and Resilience of Cyberphysical Control Systems: Games-in-Games Principle for Optimal Cross-Layer Resilient Control Systems , 2015, IEEE Control Systems.

[14]  S. Shankar Sastry,et al.  Optimal thresholds for intrusion detection systems , 2016, HotSoS.

[15]  Daniel Krajzewicz,et al.  SUMO (Simulation of Urban MObility) - an open-source traffic simulation , 2002 .

[16]  E. Jenelius Large-scale road network vulnerability analysis , 2010 .

[17]  Erik Jenelius,et al.  Road network vulnerability analysis of area-covering disruptions: A grid-based approach with case study , 2012 .

[18]  Anthony C. Davison,et al.  Spatial modeling of extreme snow depth , 2011, 1111.7091.

[19]  Ronald L. Rivest,et al.  FlipIt: The Game of “Stealthy Takeover” , 2012, Journal of Cryptology.

[20]  Gaurav S. Sukhatme,et al.  Decentralized Data Fusion and Active Sensing with Mobile Sensors for Modeling and Predicting Spatiotemporal Traffic Phenomena , 2012, UAI.

[21]  Alexandre M. Bayen,et al.  On Cybersecurity of Freeway Control Systems: Analysis of Coordinated Ramp Metering Attacks , 2015 .

[22]  M G H Bell,et al.  Attacker–defender models and road network vulnerability , 2008, Philosophical Transactions of the Royal Society A: Mathematical, Physical and Engineering Sciences.

[23]  Kun Yang,et al.  A Random Road Network Model and Its Effects on Topological Characteristics of Mobile Delay-Tolerant Networks , 2014, IEEE Transactions on Mobile Computing.

[24]  Kun Yang,et al.  A Random Road Network Model for Mobility Modeling in Mobile Delay-Tolerant Networks , 2012, 2012 8th International Conference on Mobile Ad-hoc and Sensor Networks (MSN).

[25]  Athanasios K. Ziliaskopoulos,et al.  A Linear Programming Model for the Single Destination System Optimum Dynamic Traffic Assignment Problem , 2000, Transp. Sci..

[26]  Carl E. Rasmussen,et al.  Gaussian processes for machine learning , 2005, Adaptive computation and machine learning.

[27]  Quanyan Zhu,et al.  Flip the Cloud: Cyber-Physical Signaling Games in the Presence of Advanced Persistent Threats , 2015, GameSec.

[28]  T. Basar,et al.  A game theoretic approach to decision and analysis in network intrusion detection , 2003, 42nd IEEE International Conference on Decision and Control (IEEE Cat. No.03CH37475).

[29]  J. Alex Halderman,et al.  Green Lights Forever: Analyzing the Security of Traffic Infrastructure , 2014, WOOT.

[30]  Darren M. Scott,et al.  Identifying Critical Road Segments and Measuring System-Wide Robustness in Transportation Networks with Isolating Links: A Link-Based Capacity-Reduction Approach , 2010 .

[31]  Bo An,et al.  Optimizing Personalized Email Filtering Thresholds to Mitigate Sequential Spear Phishing Attacks , 2016, AAAI.

[32]  C. Daganzo THE CELL TRANSMISSION MODEL.. , 1994 .

[33]  Saurabh Amin,et al.  Security of Transportation Networks: Modeling Attacker-Defender Interaction , 2018, ArXiv.

[34]  Bo An,et al.  An Initial Study on Personalized Filtering Thresholds in Defending Sequential Spear Phishing Attacks , 2015 .

[35]  Feng Gao,et al.  Sparse online warped Gaussian process for wind power probabilistic forecasting , 2013 .

[36]  Darren M. Scott,et al.  Network Robustness Index : a new method for identifying critical links and evaluating the performance of transportation networks , 2006 .

[37]  John Musacchio,et al.  Computing the Nash Equilibria of Intruder Classification Games , 2012, GameSec.

[38]  Tansu Alpcan,et al.  Security Games for Vehicular Networks , 2008, IEEE Transactions on Mobile Computing.

[39]  Saurabh Amin,et al.  Securing Infrastructure Facilities: When Does Proactive Defense Help? , 2018, Dyn. Games Appl..

[40]  Carlos F. Daganzo,et al.  THE CELL TRANSMISSION MODEL, PART II: NETWORK TRAFFIC , 1995 .

[41]  T. Basar,et al.  A game theoretic analysis of intrusion detection in access control systems , 2004, 2004 43rd IEEE Conference on Decision and Control (CDC) (IEEE Cat. No.04CH37601).

[42]  Yevgeniy Vorobeychik,et al.  Towards High-Resolution Multi-Stage Security Games , 2019 .

[43]  Tomás Pevný,et al.  Randomized Operating Point Selection in Adversarial Classification , 2014, ECML/PKDD.

[44]  Naif Alajlan,et al.  Improved Estimation of Water Chlorophyll Concentration With Semisupervised Gaussian Process Regression , 2012, IEEE Transactions on Geoscience and Remote Sensing.