Abstract
Advanced Persistent Threats (APTs) have recently emerged as a significant security challenge for a cyber-physical system due to their stealthy, dynamic and adaptive nature. Proactive dynamic defenses provide a strategic and holistic security mechanism to increase the costs of attacks and mitigate the risks. This work proposes a dynamic game framework to model a long-term interaction between a stealthy attacker and a proactive defender. The stealthy and deceptive behaviors are captured by the multi-stage game of incomplete information, where each player has his own private information unknown to the other. Both players act strategically according to their beliefs which are formed by the multi-stage observation and learning. The perfect Bayesian Nash equilibrium provides a useful prediction of both players’ policies because no players benefit from unilateral deviations from the equilibrium. We propose an iterative algorithm to compute the perfect Bayesian Nash equilibrium and use the Tennessee Eastman process as a benchmark case study. Our numerical experiment corroborates the analytical results and provides further insights into the design of proactive defense-in-depth strategies.
Original language | English (US) |
---|---|
Article number | 101660 |
Journal | Computers and Security |
Volume | 89 |
DOIs | |
State | Published - Feb 2020 |
Keywords
- Advanced persistent threats
- Cyber deception
- Defense in depth
- Industrial control system security
- Multi-stage Bayesian game
- Perfect Bayesian Nash equilibrium
- Proactive defense
- Tennessee Eastman process
ASJC Scopus subject areas
- General Computer Science
- Law