On effectiveness of game theoretic modeling and analysis against cyber threats for avionic systems

Cyber-attack defense requires network security situation awareness through distributed collaborative monitoring, detection, and mitigation. Developing and demonstrating innovative and effective situational awareness techniques for avionics has increased in importance in the last decade. In this paper, we first conducted game-theoretic modeling and analysis to study the interaction between an adversary and a defender. We then introduced the implementation of game-theoretic analysis on an Avionics Sensor-based Defense System (ASDS), which consists of distributed passive and active network sensors. The trade-off between defense and attack strategies was studied via existing tools for game theory (Gambit). To further enhance the defense and mitigate attacks, we designed and implemented a multi-functional web display to integrate the game-theoretic analysis. Our simulation validates that game-theoretic modeling and analysis can help the ASDS adapt its detection and response strategies to deal with various cyber threats efficiently and dynamically.
