Analysis and computation of adaptive defense strategies against advanced persistent threats for cyber-physical systems

Linan Huang, Quanyan Zhu

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

Cyber-physical systems are facing new security challenges from Advanced Persistent Threats (APTs) due to the stealthy, dynamic and adaptive nature of the attack. The multi-stage Bayesian game captures the incomplete information of the players’ type, and enables an adaptive belief update according to the observable history of the other player’s actions. The solution concept of perfect Bayesian Nash equilibrium (PBNE) under the proactive and reactive information structures of the players provides an important analytical tool to predict and design the players’ behavior. To capture the learning process and enable fast computation of PBNE, we use conjugate priors to update the beliefs of the players parametrically, which is assimilated into backward dynamic programming with an expanded state space. We use a mathematical programming approach to compute the PBNE of the dynamic bi-matrix game of incomplete information. In the case study, we analyze and study two PBNEs under complete and one-sided incomplete information. The results reveal the benefit of deception of the private attackers’ types and motivate defender’s use of deception techniques to tilt the information asymmetry. Numerical results have been used to corroborate the analytical findings of our framework and show the effectiveness of defense design to deter the attackers and mitigate the APTs strategically.

Original languageEnglish (US)
Title of host publicationDecision and Game Theory for Security - 9th International Conference, GameSec 2018, Proceedings
EditorsLinda Bushnell, Radha Poovendran, Tamer Basar
PublisherSpringer Verlag
Pages205-226
Number of pages22
ISBN (Print)9783030015534
DOIs
StatePublished - 2018
Event9th International Conference on Decision and Game Theory for Security, GameSec 2018 - Seattle, United States
Duration: Oct 29 2018Oct 31 2018

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume11199 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Other

Other9th International Conference on Decision and Game Theory for Security, GameSec 2018
CountryUnited States
CitySeattle
Period10/29/1810/31/18

Keywords

  • Advanced Persistent Threats (APTs)
  • Cyber deception
  • Multistage Bayesian game
  • Optimal learning
  • Proactive and strategic defense

ASJC Scopus subject areas

  • Theoretical Computer Science
  • Computer Science(all)

Fingerprint Dive into the research topics of 'Analysis and computation of adaptive defense strategies against advanced persistent threats for cyber-physical systems'. Together they form a unique fingerprint.

  • Cite this

    Huang, L., & Zhu, Q. (2018). Analysis and computation of adaptive defense strategies against advanced persistent threats for cyber-physical systems. In L. Bushnell, R. Poovendran, & T. Basar (Eds.), Decision and Game Theory for Security - 9th International Conference, GameSec 2018, Proceedings (pp. 205-226). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 11199 LNCS). Springer Verlag. https://doi.org/10.1007/978-3-030-01554-1_12