Physical Intrusion Games—Optimizing Surveillance by Simulation and Game Theory

The protection of cyber-physical networks is a topic of increasing importance. The evolution of IT (cyber) systems that control and supervise the underlying physical system has grown over decades, whereas security has not become a concern until quite recently. Advanced persistent threats (APTs) have proven to be a difficult but significant challenge for practitioners. This paper adopts a game-theoretic modeling of APTs and applies it to the (sub) problem of physical intrusion in an infrastructure. The gap between defining a good theoretical model and practically instantiating it is considered in particular. The model description serves to illustrate what is needed to put it into practice. The main contribution of this paper is the demonstration of how simulation, physical understanding of an infrastructure, and theoretical methods can be combined toward a practical solution to the physical intrusion avoidance problem. Numerical results are given to show how the physical intrusion game is being set up, and how the results obtained from its analysis can be interpreted and used for an optimized defense.

[1]  Panganamala Ramana Kumar,et al.  Cyber–Physical Systems: A Perspective at the Centennial , 2012, Proceedings of the IEEE.

[2]  Quanyan Zhu,et al.  A moving-horizon hybrid stochastic game for secure control of cyber-physical systems , 2014, 53rd IEEE Conference on Decision and Control.

[3]  Sushil Jajodia,et al.  Moving Target Defense II: Application of Game Theory and Adversarial Modeling , 2012 .

[4]  Insup Lee,et al.  Cyber-physical systems: The next computing revolution , 2010, Design Automation Conference.

[5]  William L. Simon,et al.  The Art of Intrusion: The Real Stories Behind the Exploits of Hackers, Intruders & Deceivers , 2005 .

[6]  Quanyan Zhu,et al.  Secure routing in smart grids , 2011 .

[7]  Quanyan Zhu,et al.  Robust and resilient control design for cyber-physical systems with an application to power systems , 2011, IEEE Conference on Decision and Control and European Control Conference.

[8]  Quanyan Zhu,et al.  GADAPT: A Sequential Game-Theoretic Framework for Designing Defense-in-Depth Strategies Against Advanced Persistent Threats , 2016, GameSec.

[9]  Quanyan Zhu,et al.  Cross-layer secure cyber-physical control system design for networked 3D printers , 2016, 2016 American Control Conference (ACC).

[10]  Peng Ning,et al.  False data injection attacks against state estimation in electric power grids , 2011, TSEC.

[11]  Quanyan Zhu,et al.  Game theory meets network security and privacy , 2013, CSUR.

[12]  Oguzhan Alagöz,et al.  Modeling secrecy and deception in a multiple-period attacker-defender signaling game , 2010, Eur. J. Oper. Res..

[13]  Quanyan Zhu,et al.  A dynamic game-theoretic approach to resilient control system design for cascading failures , 2012, HiCoNS '12.

[14]  Christopher Leckie,et al.  A survey of coordinated attacks and collaborative intrusion detection , 2010, Comput. Secur..

[15]  Quanyan Zhu,et al.  Game-Theoretic Methods for Robustness, Security, and Resilience of Cyberphysical Control Systems: Games-in-Games Principle for Optimal Cross-Layer Resilient Control Systems , 2015, IEEE Control Systems.

[16]  Sushil Jajodia,et al.  CARDS: A Distributed System for Detecting Coordinated Attacks , 2000, SEC.

[17]  Ping Chen,et al.  A Study on Advanced Persistent Threats , 2014, Communications and Multimedia Security.

[18]  Quanyan Zhu,et al.  Dynamic policy-based IDS configuration , 2009, Proceedings of the 48h IEEE Conference on Decision and Control (CDC) held jointly with 2009 28th Chinese Control Conference.

[19]  Quanyan Zhu,et al.  Flip the Cloud: Cyber-Physical Signaling Games in the Presence of Advanced Persistent Threats , 2015, GameSec.

[20]  Siddharth Sridhar,et al.  Cyber–Physical System Security for the Electric Power Grid , 2012, Proceedings of the IEEE.

[21]  David Murakami Wood,et al.  The Growth of CCTV: a global perspective on the international diffusion of video surveillance in publicly accessible space , 2002 .

[22]  Oded Goldreich,et al.  Foundations of Cryptography: Volume 1, Basic Tools , 2001 .

[23]  Quanyan Zhu,et al.  Towards a unifying security framework for cyber-physical systems , 2011 .

[24]  Ying Zhu,et al.  Graphical passwords: a survey , 2005, 21st Annual Computer Security Applications Conference (ACSAC'05).

[25]  Quanyan Zhu,et al.  Network Security Configurations: A Nonzero-Sum Stochastic Game Approach , 2010, Proceedings of the 2010 American Control Conference.

[26]  Quanyan Zhu,et al.  Optimal Contract Design Under Asymmetric Information for Cloud-Enabled Internet of Controlled Things , 2016, GameSec.

[27]  Ronald L. Rivest,et al.  FlipIt: The Game of “Stealthy Takeover” , 2012, Journal of Cryptology.

[28]  T. Zourntos,et al.  A smart grid vulnerability analysis framework for coordinated variable structure switching attacks , 2012, 2012 IEEE Power and Energy Society General Meeting.