论文信息 - Defense-in-Depth-Games

Defense-in-Depth-Games

In this chapter, we adopt a holistic cross-layer viewpoint towards a hierarchical structure of ICS and the attack models. The physical layer is comprised of devices, controllers and the plant whereas the cyber layer consists of routers, protocols, and security agents and manager. The physical layer controllers are often designed to be robust, adaptive, and reliable for physical disturbances or faults. With the possibility of malicious behavior from the network, it is also essential for us to design physical layer defense that take into account the disturbances and delay resulting from routing and network traffic as well as the unexpected failure of network devices due to cyber-attacks. On the other hand, the cyber security policies are often designed without consideration of control performances. To ensure the continuous operability of the control system, it is equally important for us to design security policies that provide maximum level of security enhancement but minimum level of system overhead on the networked system. The physical and cyber aspects of control systems should be viewed holistically for analysis and design.

Quanyan Zhu | Stefan Rass | Sandra König | Stefan Schauer

[1] William L. Simon,et al. The Art of Intrusion: The Real Stories Behind the Exploits of Hackers, Intruders & Deceivers , 2005 .

[2] Stefan Rass,et al. Cut-The-Rope: A Game of Stealthy Intrusion , 2019, GameSec.

[3] Mark Fabro,et al. Control Systems Cyber Security: Defense-in-Depth Strategies , 2006 .

[4] Tony Q. S. Quek,et al. A game theoretic model for enabling honeypots in IoT networks , 2016, 2016 IEEE International Conference on Communications (ICC).

[5] Ping Chen,et al. A Study on Advanced Persistent Threats , 2014, Communications and Multimedia Security.

[6] Oded Goldreich,et al. Foundations of Cryptography: Volume 1, Basic Tools , 2001 .

[7] Quanyan Zhu,et al. Physical Intrusion Games—Optimizing Surveillance by Simulation and Game Theory , 2017, IEEE Access.

[8] Quanyan Zhu,et al. GADAPT: A Sequential Game-Theoretic Framework for Designing Defense-in-Depth Strategies Against Advanced Persistent Threats , 2016, GameSec.

[9] Stefan Rass,et al. Honeypot Type Selection Games for Smart Grid Networks , 2019, GameSec.

[10] Quanyan Zhu,et al. Analysis and Computation of Adaptive Defense Strategies Against Advanced Persistent Threats for Cyber-Physical Systems , 2018, GameSec.