A Markov Game Theoretic Approach for Power Grid Security

The extensive use of information and communication technologies in power grid systems makes them vulnerable to cyber-attacks. One class of cyber-attack is the advanced persistent threat, in which highly skilled attackers steal user authentication information and then move laterally through the network, from host to host in a hidden manner, until they reach an attractive target. Once the presence of the attacker has been detected in the network, appropriate actions should be taken quickly to prevent the attacker from going deeper. This paper presents a game theoretic approach to optimize the defense against an invader attempting to use a set of known vulnerabilities to reach critical nodes in the network. First, the network is modeled as a vulnerability multi-graph where the nodes represent physical hosts and the edges represent the vulnerabilities that the attacker can exploit to move laterally from one host to another. Secondly, a two-player zero-sum Markov game is built where the states of the game represent the nodes of the vulnerability multi-graph and the transitions correspond to the edge vulnerabilities that the attacker can exploit. The solution of the game gives the optimal strategy to disconnect vulnerable services and thus slow down the attack.
