Jiajun Shen,Dongqin Feng

DOI: https://doi.org/10.1080/00207721.2017.1406555

IF: 2.648

2018-01-01

International Journal of Systems Science

Abstract:In this paper, the cross-layer security problem of cyber-physical system (CPS) is investigated from the game-theoretic perspective. Physical dynamics of plant is captured by stochastic differential game with cyber-physical influence being considered. The sufficient and necessary condition for the existence of state-feedback equilibrium strategies is given. The attack-defence cyber interactions are formulated by a Stackelberg game intertwined with stochastic differential game in physical layer. The condition such that the Stackelberg equilibrium being unique and the corresponding analytical solutions are both provided. An algorithm is proposed for obtaining hierarchical security strategy by solving coupled games, which ensures the operational normalcy and cyber security of CPS subject to uncertain disturbance and unexpected cyberattacks. Simulation results are given to show the effectiveness and performance of the proposed algorithm.

Huici Wu,Qiuyue Gao,Xiaofeng Tao,Ning Zhang,Dajiang Chen,Zhu Han

DOI: https://doi.org/10.1109/jiot.2021.3122115

IF: 10.6

2021-01-01

IEEE Internet of Things Journal

Abstract:Internet of Things (IoT) is vulnerable to various cyber attacks due to the massive deployment of IoT devices and the openness of wireless environments. In this article, taking IoT devices as the network resources competed between an attacker and a defender, we study the modeling and analysis of network resource competition in an attack-defense game. The attacker and defender inject different competition strength in each IoT device as their strategies. As a result, the security state of each IoT device will change, which is captured by differential equations. To study the interaction between the attacker and defender and the evolution of the system security states, a zero-sum differential game is formulated by modeling the competition of IoT devices. To achieve the equilibrium of the formulated differential game, optimal control theory is employed to solve the optimization problems of players. Further, a Gauss–Seidel-like implicit finite-difference method is utilized to obtain the saddle point strategy. Finally, numerical results are provided to demonstrate the evolution of network resource competition between the attacker and defender. The results show that our formulated model can effectively and accurately characterize the evolution of the system security states with strategic interactions between the attacker and defender.

Juntao Chen,Corinne Touati,Quanyan Zhu

DOI: https://doi.org/10.48550/arXiv.2108.13159

2021-07-26

Networking and Internet Architecture

Abstract:The emerging Internet of Things (IoT) applications that leverage ubiquitous connectivity and big data are facilitating the realization of smart everything initiatives. IoT-enabled infrastructures have naturally a multi-layer system architecture with an overlaid or underlaid device network and its coexisting infrastructure network. The connectivity between different components in these two heterogeneous interdependent networks plays an important role in delivering real-time information and ensuring a high-level situational awareness. However, IoT-enabled infrastructures face cyber threats due to the wireless nature of communications. Therefore, maintaining network connectivity in the presence of adversaries is a critical task for infrastructure network operators. In this paper, we establish a three-player three-stage dynamic game-theoretic framework including two network operators and one attacker to capture the secure design of multi-layer interdependent infrastructure networks by allocating limited resources. We use subgame perfect Nash equilibrium (SPE) to characterize the strategies of players with sequential moves. In addition, we assess the efficiency of the equilibrium network by comparing with its team optimal solution counterparts in which two network operators can coordinate. We further design a scalable algorithm to guide the construction of the equilibrium IoT-enabled infrastructure networks. Finally, we use case studies on the emerging paradigm of the Internet of Battlefield Things (IoBT) to corroborate the obtained results.

Yuyao Zhu,Huici Wu,Xiaofeng Tao,Shen Wang

DOI: https://doi.org/10.1109/jiot.2024.3435879

IF: 10.6

2024-01-01

IEEE Internet of Things Journal

Abstract:Many interconnected terminals in the Internet of Things (IoT) networks raise significant security risks. From a competitive perspective, the many heterogeneous nodes, including various wireless terminals, access points, and base stations, are the competing targets between defenders and potential attackers. This paper proposes a security competition model based on game theory to address the security competition problem. The model has two players, a defender and an attacker, who allocate resources to each IoT node according to their strategies. A novel metric, security entropy, derived from security probability, quantifies each node’s security status. Based on the node heterogeneity, the overall security performance of the considered IoT network is evaluated with a topology-determined weighted security entropy. The defender and the attacker, respectively, aim to decrease and increase the weighted security entropy while balancing the cost, which constitutes their utility functions. The existence of the unique Nash equilibrium is proved. A best response selection algorithm for the optimal solutions is designed. The experimental results demonstrate that the proposed model effectively represents the goal orientation and interaction between attackers and defenders in various scenarios. Additionally, increasing the cost for attackers significantly reduces their resource allocation, especially to attackers, leading to a decrease in the system’s security entropy.

Hao Wu,Wei Wang,Changyun Wen,Zhengguo Li

DOI: https://doi.org/10.1016/j.ins.2018.04.051

IF: 8.1

2018-01-01

Information Sciences

Abstract:In this paper, a game theoretical analysis method is presented to provide the optimal security detection strategies for heterogeneous networked systems. A two-stage game model is firstly established, in which the attacker and defender are considered as two players. In the first stage, the two players make decisions on whether to execute the attack/monitoring actions or to keep silence for each network unit. In the second stage, two important strategic varibles, i.e. the attack intensity and detection threshold, are cautiously determined. The necessary and sufficient conditions to ensure the existence of the Nash equilibriums for the game with complete information are rigorously analyzed. The results reflect that with limited resources and capacities, the defender (attacker) tends to perform defense (attack) actions and further allocate more defense (less attack) resources to the units with larger assets. Besides, Bayesian and robust Nash equilibrium analysis is provided for the game with incomplete information. Finally, a sampling based Nash equilibrium verification and calculation approach is proposed for the game model with continuous kernels. Thus the convexity restrictions can be relaxed and the computational complexity is effectively reduced, with comparison to the existing recursive calculation methods. Numerical examples are given to validate our theoretical results.

Yan Ding,Xian-wei Zhou,Zhi-mi Cheng,Fu-hong Lin

DOI: https://doi.org/10.1007/s11277-013-1018-y

IF: 2.017

2013-01-01

Wireless Personal Communications

Abstract:A particular challenging problem in designing Internet of Things is that how to detect and prevent internal attacks, because all nodes try their best to save their limited network resource. So it is difficult to achieve optimal objectives simultaneously, game theory provides an appropriate tool. In this paper, we propose a non-cooperative differential game model, which allows all nodes to choose the optimal amount of network resource to invest in information security contingent upon the state of game. In our model, we specifically consider how the vulnerability of information and the potential loss from such vulnerability affects the optimal amount of resources that should be devoted to securing that information. In the paper, the optimal strategies of selfish nodes and malicious nodes are obtained respectively. The simulation results show that our game model has a good performance in stability of the probability that the selfish nodes discover the malicious nodes under the optimal strategies of the selfish and the malicious nodes.

Jichao Bi,Shibo He,Fengji Luo,Wenchao Meng,Luyue Ji,Da-Wen Huang

DOI: https://doi.org/10.1109/TII.2022.3231406

IF: 12.3

2023-01-01

IEEE Transactions on Industrial Informatics

Abstract:Industrial Internet of Things (IIoT) is vulnerable to advanced persistent threat (APT). In this article, we study a scenario in which APT is launched to attack IIoT devices. Considering the APTs lateral movement, a node-level state evolution model is established to calculate the probability of every device in an IIoT system to be compromised by APT. Based on this, a Stackelberg game model is proposed for the APT attacker and defender, which can accurately describe the gaming process. An effective computational approach is developed to obtain the potential Stackelberg equilibrium strategy pair of the game. Extensive case studies and comparison studies are conducted to validate the effectiveness of the proposed method.

Poria Pirozmand,Mohsen Angoraj Ghafary,Safieh Siadat,Jiankang Ren

DOI: https://doi.org/10.1155/2020/8819545

2020-01-01

Wireless Communications and Mobile Computing

Abstract:The Internet of Things is an emerging technology that integrates the Internet and physical smart objects. This technology currently is used in many areas of human life, including education, agriculture, medicine, military and industrial processes, and trade. Integrating real-world objects with the Internet can pose security threats to many of our day-to-day activities. Intrusion detection systems (IDS) can be used in this technology as one of the security methods. In intrusion detection systems, early and correct detection (with high accuracy) of intrusions is considered very important. In this research, game theory is used to develop the performance of intrusion detection systems. In the proposed method, the attacker infiltration mode and the behavior of the intrusion detection system as a two-player and nonparticipatory dynamic game are completely analyzed and Nash equilibrium solution is used to create specific subgames. During the simulation performed using MATLAB software, various parameters were examined using the definitions of game theory and Nash equilibrium to extract the parameters that had the most accurate detection results. The results obtained from the simulation of the proposed method showed that the use of intrusion detection systems in the Internet of Things based on cloud-fog can be very effective in identifying attacks with the least amount of errors in this network.

Zheng Wang,Bin Liu,JingZhao Chen,WeiHua Huang,Yong Hu

DOI: https://doi.org/10.1016/j.jisa.2023.103436

IF: 4.96

2023-02-02

Journal of Information Security and Applications

Abstract:The defense strategy of the Internet of Things (IoT) under hacker attack is a crucial issue in the security field of industry. When IoT plants are attacked by hackers, it is impossible to understand the type of attack employed by the hackers. At this point, we need a detection mechanism that can cope with the known multiple types of network attacks. In this paper, we focus on the issue of IoT security defense and construct a multi-detector detection system capable of detecting multiple types of network attacks based on a zero-sum stochastic game framework. The system can choose between multiple detectors according to a mixed Nash equilibrium strategy that takes into account both the detection cost and the detection effect. Finally, we present a simulation comparison between the multi-detector system and the single detector system to verify that the mixed strategy leads to higher detection effectiveness and lower control performance loss.

computer science, information systems

Yichuan Wang,Yefei Zhang,Xinhong Hei,Wenjiang Ji,Weigang Ma

DOI: https://doi.org/10.1007/bf03391587

2017-01-01

Journal of Communications and Information Networks

Abstract:Integration of the IoT (Internet of Things) with Cloud Computing, termed as the CoT (Cloud of Things) can help achieve the goals of the envisioned IoT and future Internet. In a typical CoT infrastructure, the data collected from wireless sensor networks and IoTs is transmitted through a SG (Smart Gateway) to the cloud. The bandwidth between an IoT access point and SG becomes a bottleneck for information transmission between the IoT and the cloud. We propose a novel game theory model to describe the CoT attacker, who expects to use minimum set and energy consumption of IoT attack devices to occupy as many bandwidth resources as possible in a given time period; and the defender, who expects to minimize false alarms. By analyzing this model, we have found that the game theory model is a non-cooperative and repeated incomplete information game, and Nash equilibrium is existent, perfected by the subgame. The best strategy for each stage of the attack is to adjust the attack link number dynamically based on the comparison results of value ϵ and turning point ϵ0 for each time period. At the same time, the defender adjusts the threshold value β dynamically, based on the comparison results of the Load value and expected value of a for each time period. The simulation result shows that our strategy can significantly mitigate the harm of a distributed denial of service attack.

Syed Bilal Hussain Shah,Lei Wang,Prakasha Reddy,Anil Carie

DOI: https://doi.org/10.1109/infocomwkshps50562.2020.9162702

2020-01-01

Abstract:The restricted resources in IoT networks such as limited battery have resulted in strict requirements to prolong the network life time. To improve the communication, IoT nodes attempt to optimize the available energy in the sensor network, this makes them vulnerable to the malicious attacks from adversaries because of open scenario. In addition, enhancing the security level will consume the energy and decreases network life time. In order to balance energy and security in the network game theory concept is used. We design a non cooperative game between energy and security where the utilities of both energy and security players are maximized by controlling the number of nodes transmitting and hash length. We consider complete and incomplete information game and determine Nash equilibrium. Extensive simulation have been performed to examine Nash equilibrium. We obtained Nash equilibrium for both energy and security players.

LIANG Haoran,WU Jun,ZHAO Chengcheng,LI Jianhua

DOI: https://doi.org/10.11959/j.issn.2096-3750.2021.00226

2021-01-01

Abstract:With the commercialization of 5G and the development of 6G, more and more Internet of things (IoT) devices are linked to the novel cyber-physical system (CPS) to support intelligent decision making.However, the highly decentralized and heterogeneous IoT devices face potential threats that may mislead the CPS.Traditional intrusion detection solutions cannot protect the privacy of IoT devices, and they have to deal with the single point of failure, which prevents these solutions from being deploying in IoT scenarios.The edge learning and game theory based intrusion detection for IoT was proposed.Firstly, an edge learning based intrusion detection framework was proposed to detect potential threats in IoT.Moreover, a multi-leader multi-follower game was employed to motivate trusted parameter servers and edge devices to participate in the edge learning process.Experiments and evaluations show the security and effectiveness of the proposed intrusion detection framework.

Lili Chen,Zhen Wang,Fenghua Li,Yunchuan Guo,Kui Geng

DOI: https://doi.org/10.3390/s20030804

IF: 3.9

2020-01-01

Sensors

Abstract:With limited computing resources and a lack of physical lines of defense, the Internet of Things (IoT) has become a focus of cyberattacks. In recent years, outbreak propagation attacks against the IoT have occurred frequently, and these attacks are often strategical. In order to detect the outbreak propagation as soon as possible, t embedded Intrusion Detection Systems (IDSs) are widely deployed in the IoT. This paper tackles the problem of outbreak detection in adversarial environment in the IoT. A dynamic scheduling strategy based on specific IDSs monitoring of IoT devices is proposed to avoid strategic attacks. Firstly, we formulate the interaction between the defender and attacker as a Stackelberg game in which the defender first chooses a set of device nodes to activate, and then the attacker selects one seed (one device node) to spread the worms. This yields an extremely complex bilevel optimization problem. Our approach is to build a modified Column Generation framework for computing the optimal strategy effectively. The optimal response of the defender's problem is expressed as mixed-integer linear programming (MILPs). It is proved that the solution of the defender's optimal response is a NP-hard problem. Moreover, the optimal response of defenders is improved by an approximate algorithm--a greedy algorithm. Finally, the proposed scheme is tested on some randomly generated instances. The experimental results show that the scheme is effective for monitoring optimal scheduling.

Lili Chen,Zhen Wang,Jintao Wu,Yunchuan Guo,Fenghua Li,Zifu Li

DOI: https://doi.org/10.1002/cpe.6944

2022-04-20

Concurrency and Computation: Practice and Experience

Abstract:As mobile communications, the Internet, databases, distributed computing, and other technologies continue to develop, the Internet of Things (IoT) has emerged as prevalent technique. However, attacks on security and sensitive data in IoT occur frequently, and these attacks often evade intrusion detection systems strategically by mutating their traffic. To prevent security threats and sensitive data leakage, we propose a game approach based on adversarial deep learning to optimize a dynamic security threshold strategy. We introduce a mobile edge computing framework and utilize a game model to describe the adversarial interaction between the two participants. To solve the complexity of the game problem to gain dynamically randomized adversarial attacks, we present a column generation (CG) framework, which uses a feedforward neural network to quantify data flowing through IoT devices. Considering the limited resources of IoT devices, we calculate an optimal response to cyberattacks via a particle swarm optimization algorithm, aiming to reduce the false alarm rate. The adversarial dynamic threshold (ADT)‐based column generation (CG‐ADT) algorithm generates the set of detection threshold and the probability. Finally, we present the results of experiments conducted to demonstrate the effectiveness and robustness of the proposed dynamic threshold scheme for sensitive data security protection in IoT and its suitability for implementation in production systems.

Yikai Liu,Yong Zeng,Yang Liu,and Zhihong Liu

DOI: https://doi.org/10.1145/3417311.3430706

2020-01-01

Abstract:Distributed Internet of things (IoT) is becoming an important technology with the popularization of intelligent devices, which builds a bridge between physical networks and social networks. Therefore, how to ensure the security of IoT is an urgent problem. As an effective measure to improve physical layer security, cooperative jamming has been extensively adopted to reduce the eavesdropper's ability to listen to the transmitted signals. Over the past decades, there has been lots of research on cooperative jamming in the single physical layer network. Meanwhile, some works use game theory to analyze the strategies of jammers and legitimate channels. However, these studies assume that the system is ideal and static, which does not conform to the real-world environment. On the other hand, they often ignore the social relationships that exist in the network, nor do they consider the impact of social relationships on the game. In this paper, we first establish a two-layer network model, which includes a physical layer and a social layer. Then we combine a two-layer network with game theory. In the single jamming node scenario, the jamming node is the leader and the legitimate channel is the follower, so we establish a Stackelberg game. Noting the influence of social strength on the game, we rewrite the benefit function of the jamming node. Our experiment results show the relationship between a legitimate channel's benefit and its purchase power quantity. At the same time, we can find those good social relationships can significantly improve the security rate of the communication system.

Bingjie Liu,Haitao Xu,Xianwei Zhou

DOI: https://doi.org/10.3390/s18114074

2018-01-01

Abstract:With the rapid development of the Internet of Things, there are a series of security problems faced by the IoT devices. As the IoT devices are generally devices with limited resources, how to effectively allocate the restricted resources facing the security problems is the key issue at present. In this paper, we study the resource allocation problem in threat defense for the resource-constrained IoT system, and propose a Stackelberg dynamic game model to get the optimal allocated resources for both the defender and attackers. The proposed Stackelberg dynamic game model is composed by one defender and many attackers. Given the objective functions of the defender and attackers, we analyze both the open-loop Nash equilibrium and feedback Nash equilibrium for the defender and attackers. Then both the defender and attackers can control their available resources based on the Nash equilibrium solutions of the dynamic game. Numerical simulation results show that correctness and effeteness of the proposed model.

Kun Lv,Yun Chen,Changzhen Hu

DOI: https://doi.org/10.1016/j.inffus.2019.01.001

IF: 18.6

2019-01-01

Information Fusion

Abstract:Advanced persistent threats (APTs) pose a grave threat in cyberspace because of their long latency and concealment. In this paper, we propose a hybrid strategy game-based dynamic defense model to optimally allocate constrained secure resources for the target network. In addition, values of profits of players in this game are computed by a novel data-fusion method called NetF. Based on network protocols and log documents, the NetF deciphers data packets collected from different networks to natural language to make them comparable. Using this algorithm, data observed from the Internet and wireless sensor networks (WSNs) can be fused to calculate the comprehensive payoff of every node precisely. The Nash equilibrium can be computed using the value to detect the possibility of a node being a malicious node. Using this method, the dynamic optimal defense strategy can be allocated to every node at different times, which enhances the security of the target network obviously. In experiments, we illustrate the obtained results via case studies of a cluster of heterogeneous networks. The results guide planning of optimal defense strategies for different kinds of nodes at different times.

Xu Chen,Liang Xiao,Wei Feng,Ning Ge,Xianbin Wang

DOI: https://doi.org/10.1109/jiot.2021.3138094

IF: 10.6

2021-01-01

IEEE Internet of Things Journal

Abstract:The proliferation of Distributed Denial of Service (DDoS) attacks in Internet of Things (IoT) not only threatens the security of digital devices and infrastructure but also severely degrades IoT system performance due to the overly consumed network resources. With the knowledge of identity information of devices and signaling data, Internet service providers (ISPs) can detect and block DDoS traffic by monitoring the upstream IoT packets, and thereby, improve network efficiency. However, inspecting all data packets online for DDoS detection will significantly increase both the network delay and the computational overhead. Therefore, the packet sampling strategy is crucial for the defenders to detect DDoS attacks. To this end, this article formulates a Stackelberg game model to analyze the collaborative IoT packet sampling against DDoS attacks. Through the equilibrium analysis of the DDoS game, we derive the lower bound of packet sampling rate (PSR) that can effectively deter potential attackers. Unlike traditional offline detection, our proposed packet sampling strategy can support both the online detection and proactive prevention of DDoS traffic. As a use case, a multipoint DDoS defense framework is developed to address the IP spoofing in 5G networks based on the proposed packet sampling strategy, which deters DDoS attacks and reduces the packet sampling cost, and thereby, maximizes the IoT utility, compared with existing methods. In typical reflection attacks (in which no more than five packets of response are triggered by a request packet), our proposed scheme not only reduces more than 70% of the sampling rate but also demonstrates superior robustness against boundary condition variation.

Juntao Chen,Quanyan Zhu

DOI: https://doi.org/10.1109/tifs.2019.2911112

IF: 7.231

2019-11-01

IEEE Transactions on Information Forensics and Security

Abstract:With the increasing connectivity enabled by the Internet of Things (IoT), security becomes a critical concern, and users should invest to secure their IoT applications. Due to the massive devices in the IoT network, users cannot be aware of the security policies taken by all its connected neighbors. Instead, a user makes security decisions based on the cyber risks that he perceives by observing a selected number of nodes. To this end, we propose a model which incorporates the limited attention or bounded rationality nature of players in the IoT. Specifically, each individual builds a sparse cognitive network of nodes to respond to. Based on this simplified cognitive network representation, each user then determines his security management policy by minimizing his own real-world security cost. The bounded rational decision-makings of players and their cognitive network formations are interdependent and thus should be addressed in a holistic manner. We establish a games-in-games framework and propose a Gestalt Nash equilibrium (GNE) solution concept to characterize the decisions of agents and quantify their risk of bounded perception due to the limited attention. In addition, we design a proximal-based iterative algorithm to compute the GNE. With case studies of smart communities, the designed algorithm can successfully identify the critical users whose decisions need to be taken into account by the other users during the security management.

computer science, theory & methods,engineering, electrical & electronic

Ye Hu,Anibal Sanjab,Walid Saad

DOI: https://doi.org/10.1109/jiot.2018.2890431

IF: 10.6

2019-04-01

IEEE Internet of Things Journal

Abstract:In this paper, a novel anti-jamming mechanism is proposed to analyze and enhance the security of adversarial Internet of Battlefield Things (IoBT) systems. In particular, the problem is formulated as a dynamic psychological game between a soldier and an attacker. In this game, the soldier seeks to accomplish a time-critical mission by traversing a battlefield within a certain amount of time, while maintaining its connectivity with an IoBT network. The attacker, on the other hand, seeks to find the optimal opportunity to compromise the IoBT network and maximize the delay of the soldier’s IoBT transmission link. The soldier and the attacker’s psychological behavior are captured using tools from psychological game theory, with which the soldier’s and attacker’s intentions to harm one another are considered in their utilities. To solve this game, a novel learning algorithm based on Bayesian updating is proposed to find an $ {epsilon }$ -like psychological self-confirming equilibrium of the game.

computer science, information systems,telecommunications,engineering, electrical & electronic