Proactive Defense Against Physical Denial of Service Attacks Using Poisson Signaling Games

Jeffrey Pawlick, Quanyan Zhu

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

While the Internet of things (IoT) promises to improve areas such as energy efficiency, health care, and transportation, it is highly vulnerable to cyberattacks. In particular, distributed denial-of-service (DDoS) attacks overload the bandwidth of a server. But many IoT devices form part of cyber-physical systems (CPS). Therefore, they can be used to launch “physical” denial-of-service attacks (PDoS) in which IoT devices overflow the “physical bandwidth” of a CPS. In this paper, we quantify the population-based risk to a group of IoT devices targeted by malware for a PDoS attack. In order to model the recruitment of bots, we develop a “Poisson signaling game,” a signaling game with an unknown number of receivers, which have varying abilities to detect deception. Then we use a version of this game to analyze two mechanisms (legal and economic) to deter botnet recruitment. Equilibrium results indicate that (1) defenders can bound botnet activity, and (2) legislating a minimum level of security has only a limited effect, while incentivizing active defense can decrease botnet activity arbitrarily. This work provides a quantitative foundation for proactive PDoS defense.

Original languageEnglish (US)
Title of host publicationDecision and Game Theory for Security - 8th International Conference, GameSec 2017, Proceedings
EditorsChristopher Kiekintveld, Stefan Schauer, Bo An, Stefan Rass, Fei Fang
PublisherSpringer Verlag
Pages336-356
Number of pages21
ISBN (Print)9783319687100
DOIs
StatePublished - 2017
Event8th International Conference on Decision and Game Theory for Security, GameSec 2017 - Vienna, Austria
Duration: Oct 23 2017Oct 25 2017

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume10575 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Other

Other8th International Conference on Decision and Game Theory for Security, GameSec 2017
Country/TerritoryAustria
CityVienna
Period10/23/1710/25/17

ASJC Scopus subject areas

  • Theoretical Computer Science
  • General Computer Science

Fingerprint

Dive into the research topics of 'Proactive Defense Against Physical Denial of Service Attacks Using Poisson Signaling Games'. Together they form a unique fingerprint.

Cite this