TY - JOUR
T1 - ISTRICT
T2 - An Interdependent Strategic Trust Mechanism for the Cloud-Enabled Internet of Controlled Things
AU - Pawlick, Jeffrey
AU - Chen, Juntao
AU - Zhu, Quanyan
N1 - Funding Information:
Manuscript received May 1, 2018; revised September 4, 2018; accepted November 6, 2018. Date of publication November 26, 2018; date of current version March 7, 2019. The work is partially supported by an NSF IGERT grant through the Center for Interdisciplinary Studies in Security and Privacy (CRISSP) at New York University, by the grant CNS-1544782, EFRI-1441140, and SES-1541164 from National Science Foundation (NSF) and DE-NE0008571 from the Department of Energy. The associate editor coordinating the review of this manuscript and approving it for publication was Prof. Wei Yu. (Corresponding author: Jeffrey Pawlick.) The authors are with the Department of Electrical and Computer Engineering, Tandon School of Engineering, New York University, Brooklyn, NY 11201 USA (e-mail: [email protected]; [email protected]; [email protected]). Digital Object Identifier 10.1109/TIFS.2018.2883272 Fig. 1. iSTRICT addresses security and trust issues for a cloud-enabled IoCT. The cloud-enabled IoCT consists of connected sensors and devices, with a cloud as the interface. Adversaries are capable of compromising cloud services and modifying the control signals that they transmit to the devices. The trust issue lies between the cloud (sender) and IoCT (receiver). Each IoCT device should determine which signals to trust from cloud services strategically.
Publisher Copyright:
© 2018 IEEE.
PY - 2019/6
Y1 - 2019/6
N2 - The cloud-enabled Internet of controlled things (IoCT) envisions a network of sensors, controllers, and actuators connected through a local cloud in order to intelligently control physical devices. Because cloud services are vulnerable to advanced persistent threats (APTs), each device in the IoCT must strategically decide whether to trust cloud services that may be compromised. In this paper, we present iSTRICT, an interdependent strategic trust mechanism for the cloud-enabled IoCT. iSTRICT is composed of three interdependent layers. In the cloud layer, iSTRICT uses FlipIt games to conceptualize APTs. In the communication layer, it captures the interaction between devices and the cloud using signaling games. In the physical layer, iSTRICT uses optimal control to quantify the utilities in the higher level games. Best response dynamics link the three layers in an overall "game-of-games," for which the outcome is captured by a concept called Gestalt Nash equilibrium (GNE). We prove the existence of a GNE under a set of natural assumptions and develop an adaptive algorithm to iteratively compute the equilibrium. Finally, we apply iSTRICT to trust management for autonomous vehicles that rely on measurements from remote sources. We show that strategic trust in the communication layer achieves a worst-case probability of compromise for any attack and defense costs in the cyber layer.
AB - The cloud-enabled Internet of controlled things (IoCT) envisions a network of sensors, controllers, and actuators connected through a local cloud in order to intelligently control physical devices. Because cloud services are vulnerable to advanced persistent threats (APTs), each device in the IoCT must strategically decide whether to trust cloud services that may be compromised. In this paper, we present iSTRICT, an interdependent strategic trust mechanism for the cloud-enabled IoCT. iSTRICT is composed of three interdependent layers. In the cloud layer, iSTRICT uses FlipIt games to conceptualize APTs. In the communication layer, it captures the interaction between devices and the cloud using signaling games. In the physical layer, iSTRICT uses optimal control to quantify the utilities in the higher level games. Best response dynamics link the three layers in an overall "game-of-games," for which the outcome is captured by a concept called Gestalt Nash equilibrium (GNE). We prove the existence of a GNE under a set of natural assumptions and develop an adaptive algorithm to iteratively compute the equilibrium. Finally, we apply iSTRICT to trust management for autonomous vehicles that rely on measurements from remote sources. We show that strategic trust in the communication layer achieves a worst-case probability of compromise for any attack and defense costs in the cyber layer.
KW - Internet of controlled things
KW - advanced persistent threats
KW - autonomous vehicles
KW - cyber-physical systems
KW - cybersecurity
KW - game-of-games
KW - strategic trust
UR - http://www.scopus.com/inward/record.url?scp=85057412054&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85057412054&partnerID=8YFLogxK
U2 - 10.1109/TIFS.2018.2883272
DO - 10.1109/TIFS.2018.2883272
M3 - Article
AN - SCOPUS:85057412054
SN - 1556-6013
VL - 14
SP - 1654
EP - 1669
JO - IEEE Transactions on Information Forensics and Security
JF - IEEE Transactions on Information Forensics and Security
IS - 6
M1 - 8543871
ER -