GADAPT: A Sequential Game-Theoretic Framework for Designing Defense-in-Depth Strategies Against Advanced Persistent Threats

We present a dynamic game framework to model and design defense strategies against advanced persistent threats (APTs). The model is based on a sequence of nested finite two-person zero-sum games, in which the APT is modeled as an attempt to get through multiple protective shells of a system towards conquering the target located at the center of the infrastructure. At each stage, a sub-game captures the attack and defense interactions between the two players, and its outcome determines the security level and the resilience against penetration, as well as the structure of the game at the next stage. By construction, interdependencies between protections at multiple stages are automatically accounted for by the dynamic game. The game model provides an analysis and design framework for developing effective protective layers and strategic defense-in-depth strategies against APTs. We discuss a few closed-form solutions of our sequential APT games, upon which design problems can be formulated to optimize the quality of security (QoS) across several layers. Numerical experiments are conducted in this work to corroborate our results.
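The abstract describes a chain of finite two-person zero-sum games, one per protective shell, where each stage's outcome shapes the next stage. The following Python script is an added illustration of that structure and is not the paper's model or code: it assumes each shell is a 2x2 zero-sum game whose payoffs are penetration probabilities (attacker maximizes, defender minimizes), solves every stage exactly (saddle point or equalizing mixed strategies), and uses a constructed coupling rule in which a failed penetration at one shell sharpens the protections of the next. The three layer matrices and the `alert` coupling parameter are constructed sample values; the end-to-end probability of reaching the target is taken as the product of stage values, which assumes the stages are otherwise independent.

```python
"""Sequential 2x2 zero-sum layer games: an illustration of nested stage games.

Added example, not the paper's model. Rows are attacker actions (maximizer),
columns are defender protections (minimizer), entries are penetration
probabilities as exact Fractions.
"""
from fractions import Fraction
from typing import Dict, List, Tuple

Matrix = List[List[Fraction]]
Strategy = Tuple[Fraction, Fraction]


def solve_2x2(m: Matrix) -> Tuple[Fraction, Strategy, Strategy]:
    """Return (game value, attacker mixed strategy, defender mixed strategy).

    A saddle point yields pure strategies; otherwise the classic equalizing
    mixed strategies apply. For a 2x2 game without a saddle point the
    denominator (a - b) + (d - c) is guaranteed non-zero.
    """
    (a, b), (c, d) = m
    maximin = max(min(a, b), min(c, d))   # attacker's guaranteed floor
    minimax = min(max(a, c), max(b, d))   # defender's guaranteed ceiling

    def pure(i: int) -> Strategy:         # all weight on action i
        return (Fraction(1 - i), Fraction(i))

    if maximin == minimax:                # saddle point: pure strategies
        row = 0 if min(a, b) == maximin else 1
        col = 0 if max(a, c) == minimax else 1
        return maximin, pure(row), pure(col)
    denom = (a - b) + (d - c)
    p = (d - c) / denom                   # attacker weight on row 0
    q = (d - b) / denom                   # defender weight on column 0
    value = (a * d - b * c) / denom
    return value, (p, 1 - p), (q, 1 - q)


def couple(base: Matrix, v_prev: Fraction, alert: Fraction) -> Matrix:
    """Constructed coupling rule (an assumption of this example).

    v_prev is the previous stage's value, i.e. the probability the attacker
    got through it. The more likely the attacker was stopped there (low v_prev),
    the more the alert raised sharpens this shell, scaling every penetration
    probability by 1 - alert * (1 - v_prev).
    """
    factor = 1 - alert * (1 - v_prev)
    return [[entry * factor for entry in row] for row in base]


def play_sequence(layers: List[Matrix], alert) -> Tuple[List[Dict], Fraction]:
    """Solve the stage games outer shell first; each value feeds the next stage.

    Returns the per-stage solutions and the attacker's end-to-end probability of
    reaching the target (product of stage values, stages assumed independent).
    """
    alert = Fraction(alert)
    stages: List[Dict] = []
    v_prev = Fraction(1)      # nothing has been tripped before the first shell
    reach = Fraction(1)
    for base in layers:
        m = couple(base, v_prev, alert)
        value, x, y = solve_2x2(m)
        stages.append({"matrix": m, "value": value, "attacker": x, "defender": y})
        reach *= value
        v_prev = value
    return stages, reach


# Constructed sample: three protective shells around the target.
LAYERS: List[Matrix] = [
    [[Fraction("0.6"), Fraction("0.2")], [Fraction("0.3"), Fraction("0.5")]],  # perimeter (mixed)
    [[Fraction("0.5"), Fraction("0.4")], [Fraction("0.7"), Fraction("0.2")]],  # internal net (saddle)
    [[Fraction("0.5"), Fraction("0.1")], [Fraction("0.2"), Fraction("0.4")]],  # target host (mixed)
]


def target_reach(alert) -> Fraction:
    """Probability the attacker reaches the center for a given coupling strength."""
    return play_sequence(LAYERS, alert)[1]


if __name__ == "__main__":
    for alert in ("0", "1/2"):
        stages, reach = play_sequence(LAYERS, alert)
        print(f"alert coupling {alert}: P(reach target) = {reach} ~ {float(reach):.4f}")
        for k, s in enumerate(stages, 1):
            print(f"  shell {k}: value {s['value']}, defender mix {s['defender']}")
```

Running the script with `alert = 0` reproduces three independent games (end-to-end reach 6/125); with `alert = 1/2` the second and third shells are tightened by the outcomes before them and the reach drops to 336/15625, which is the kind of cross-layer dependency a defense-in-depth design problem would tune.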
