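% Journal article: multi-stage Bayesian game model of a stealthy APT attacker
% versus a proactive defender in a cyber-physical system (see abstract).
% Per the abstract, the Tennessee Eastman process is the benchmark case study.
%
% The exported `note` field held funding text, author biographies and the
% publisher copyright line. Standard styles print `note` in the reference
% list, so that text now lives in fields that styles ignore (`funding`,
% `authorbio`, `copyright`); the wording itself is kept.
% No `pages` or article-number field was present in the export.
@article{49561e183d844db98296ed36844c67a9,
  author    = {Huang, Linan and Zhu, Quanyan},
  title     = {A dynamic games approach to proactive defense strategies against {Advanced Persistent Threats} in cyber-physical systems},
  journal   = {Computers \& Security},
  volume    = {89},
  year      = {2020},
  month     = feb,
  doi       = {10.1016/j.cose.2019.101660},
  issn      = {0167-4048},
  publisher = {Elsevier Limited},
  language  = {English (US)},
  keywords  = {Advanced persistent threats, Cyber deception, Defense in depth, Industrial control system security, Multi-stage Bayesian game, Perfect Bayesian Nash equilibrium, Proactive defense, Tennessee Eastman process},
  abstract  = {Advanced Persistent Threats (APTs) have recently emerged as a significant security challenge for a cyber-physical system due to their stealthy, dynamic and adaptive nature. Proactive dynamic defenses provide a strategic and holistic security mechanism to increase the costs of attacks and mitigate the risks. This work proposes a dynamic game framework to model a long-term interaction between a stealthy attacker and a proactive defender. The stealthy and deceptive behaviors are captured by the multi-stage game of incomplete information, where each player has his own private information unknown to the other. Both players act strategically according to their beliefs which are formed by the multi-stage observation and learning. The perfect Bayesian Nash equilibrium provides a useful prediction of both players{\textquoteright} policies because no players benefit from unilateral deviations from the equilibrium. We propose an iterative algorithm to compute the perfect Bayesian Nash equilibrium and use the Tennessee Eastman process as a benchmark case study. Our numerical experiment corroborates the analytical results and provides further insights into the design of proactive defense-in-depth strategies.},
  funding   = {Funding Information: This research is partially supported by award 2015-ST-061-CIRC01 from U.S. Department of Homeland Security; awards ECCS-1847056, CNS-1544782, and SES-1541164 from National Science Foundation (NSF); and grant W911NF-19-1-0041 from Army Research Office (ARO).},
  authorbio = {Linan Huang received the B.Eng. degree in Electrical Engineering from Beijing Institute of Technology, China, in 2016. He is currently a Ph.D. candidate in the Laboratory for Agile and Resilient Complex Systems, Tandon School of Engineering, New York University. His research interests include dynamic decision making of the multi-agent system, security and resilience for the cyber-physical systems. Quanyan Zhu (S{\textquoteright}04-M{\textquoteright}12) received B. Eng. in Honors Electrical Engineering with distinction from McGill University in 2006, M.A.Sc. from University of Toronto in 2008, and Ph.D. from the University of Illinois at Urbana-Champaign (UIUC) in 2013. After stints at Princeton University, he is currently an assistant professor at the Department of Electrical and Computer Engineering, New York University. He is a recipient of many awards including NSF CAREER Award, NYU Goddard Junior Faculty Fellowship, NSERC Postdoctoral Fellowship (PDF), NSERC Canada Graduate Scholarship (CGS), and Mavis Future Faculty Fellowships. He spearheaded and chaired INFOCOM Workshop on Communications and Control on Smart Energy Systems (CCSES), and Midwest Workshop on Control and Game Theory (WCGT). His current research interests include resilient and secure interdependent critical infrastructures, Internet of Things, cyber-physical systems, game theory, machine learning, network optimization and control. He has served as the general chair of the 7th Conference on Decision and Game Theory for Security (GameSec) in 2016, the 9th International Conference on NETwork Games, COntrol and OPtimisation (NETGCOOP) in 2018, and the 5th International Conference on Artificial Intelligence and Security (ICAIS 2019) in 2019.},
  copyright = {Publisher Copyright: {\textcopyright} 2019 Elsevier Ltd},
}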