Proactive Defense Against Physical Denial of Service Attacks Using Poisson Signaling Games

While the Internet of things (IoT) promises to improve areas such as energy efficiency, health care, and transportation, it is highly vulnerable to cyberattacks. In particular, distributed denial-of-service (DDoS) attacks overload the bandwidth of a server. But many IoT devices form part of cyber-physical systems (CPS). Therefore, they can be used to launch "physical" denial-of-service attacks (PDoS) in which IoT devices overflow the "physical bandwidth" of a CPS. In this paper, we quantify the population-based risk to a group of IoT devices targeted by malware for a PDoS attack. In order to model the recruitment of bots, we develop a "Poisson signaling game," a signaling game with an unknown number of receivers, which have varying abilities to detect deception. Then we use a version of this game to analyze two mechanisms (legal and economic) to deter botnet recruitment. Equilibrium results indicate that 1) defenders can bound botnet activity, and 2) legislating a minimum level of security has only a limited effect, while incentivizing active defense can decrease botnet activity arbitrarily. This work provides a quantitative foundation for proactive PDoS defense.

[1]  Ray Bull,et al.  Increasing Cognitive Load to Facilitate Lie Detection: The Benefit of Recalling an Event in Reverse Order , 2008, Law and human behavior.

[2]  Hamed Mohsenian Rad,et al.  Distributed Internet-Based Load Altering Attacks Against Smart Power Grids , 2011, IEEE Transactions on Smart Grid.

[3]  R. Harrington Part II , 2004 .

[4]  R. Kirk CONVENTION: A PHILOSOPHICAL STUDY , 1970 .

[5]  Quanyan Zhu,et al.  Strategic Trust in Cloud-Enabled Cyber-Physical Systems With an Application to Glucose Control , 2017, IEEE Transactions on Information Forensics and Security.

[6]  Quanyan Zhu,et al.  Deception by Design: Evidence-Based Signaling Games for Network Defense , 2015, WEIS.

[7]  J. Sobel,et al.  STRATEGIC INFORMATION TRANSMISSION , 1982 .

[8]  Chase Qishi Wu,et al.  On modeling and simulation of game theory-based defense mechanisms against DoS and DDoS attacks , 2010, SpringSim.

[9]  Sandipan Mishra,et al.  17-2:Invited Paper: Advanced Sensing and Control in the Smart Conference Room at the Center for Lighting Enabled Systems and Applications , 2016 .

[10]  Quanyan Zhu,et al.  Epidemic Protection Over Heterogeneous Networks Using Evolutionary Poisson Games , 2017, IEEE Transactions on Information Forensics and Security.

[11]  Roger B. Myerson,et al.  Population uncertainty and Poisson games , 1998, Int. J. Game Theory.

[12]  Hamed Mohsenian Rad,et al.  Dynamic load altering attacks in smart grid , 2015, 2015 IEEE Power & Energy Society Innovative Smart Grid Technologies Conference (ISGT).

[13]  Quanyan Zhu,et al.  Flip the Cloud: Cyber-Physical Signaling Games in the Presence of Advanced Persistent Threats , 2015, GameSec.

[14]  Maurizio Tomasella,et al.  Vision and Challenges for Realising the Internet of Things , 2010 .

[15]  Frank L. Lewis,et al.  Applied Optimal Control and Estimation , 1992 .

[16]  Donald J. Hammerstrom,et al.  Pacific Northwest GridWise™ Testbed Demonstration Projects; Part II. Grid Friendly™ Appliance Project , 2007 .

[17]  Quanyan Zhu,et al.  A Game-Theoretic Analysis of Deception over Social Networks Using Fake Avatars , 2016, GameSec.

[18]  Murat Kantarcioglu,et al.  A Game-Theoretical Approach for Finding Optimal Strategies in a Botnet Defense Model , 2010, GameSec.

[19]  Roger B. Myerson,et al.  Large Poisson Games , 2000, J. Econ. Theory.

[20]  W. Marsden I and J , 2012 .