Top

Published in:

2017 | OriginalPaper | Chapter

Proactive Defense Against Physical Denial of Service Attacks Using Poisson Signaling Games

Authors : Jeffrey Pawlick, Quanyan Zhu

Published in: Decision and Game Theory for Security

Publisher: Springer International Publishing

Activate our intelligent search to find suitable subject content or patents.

search-config

AI-assisted search

Off

Abstract

While the Internet of things (IoT) promises to improve areas such as energy efficiency, health care, and transportation, it is highly vulnerable to cyberattacks. In particular, distributed denial-of-service (DDoS) attacks overload the bandwidth of a server. But many IoT devices form part of cyber-physical systems (CPS). Therefore, they can be used to launch “physical” denial-of-service attacks (PDoS) in which IoT devices overflow the “physical bandwidth” of a CPS. In this paper, we quantify the population-based risk to a group of IoT devices targeted by malware for a PDoS attack. In order to model the recruitment of bots, we develop a “Poisson signaling game,” a signaling game with an unknown number of receivers, which have varying abilities to detect deception. Then we use a version of this game to analyze two mechanisms (legal and economic) to deter botnet recruitment. Equilibrium results indicate that (1) defenders can bound botnet activity, and (2) legislating a minimum level of security has only a limited effect, while incentivizing active defense can decrease botnet activity arbitrarily. This work provides a quantitative foundation for proactive PDoS defense.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

previous chapter A Stackelberg Game and Markov Modeling of Moving Target Defense

next chapter A Large-Scale Markov Game Approach to Dynamic Protection of Interdependent Infrastructure Networks

Available only for authorised users

This is based on the idea that deceptive senders have a harder time communicating some messages than truthful senders. In interpersonal deception, for instance, lying requires high cognitive load, which may manifest itself in external gestures [23].

This could literally be a hardware or software detector, such as email filters which attempt to tag phishing emails. But it could also be an abstract notion meant to signify the innate ability of a person to recognize deception.

In fact, although all receivers with the same type y have the same likelihood \(\delta _{y}(e\,|\,x,m)\) of observing evidence e given sender type x and message m, our formulation allows the receivers to observe different actual realizations e of the evidence.

A second string can also be considered for the username.

For strong and active receivers, \(\delta _{y}\left( b\,|\,d,p\right) >\delta _{y}\left( b\,|\,l,p\right) ,\) \(y\in \{o,v\}.\) That is, these receivers are more likely to observe suspicious evidence if they are interacting with a malicious sender than if they are interacting with a legitimate sender. Mathematically, \(\delta _{k}(b\,|\,d,p)=\delta _{k}(b\,|\,l,p)\) signifies that type k receivers do not implement a detector.

We abuse notation slightly to write \(\bar{U}_{v}^{R}(a\,|\,m,e,\mu _{y}^{R})\) for the expected utility that R of type v obtains by playing action a.

In Fig. 8(b), \(\sigma _{v}^{R*}(f\,|\,p,b)=1\) for \(\upomega _{d}^{f}=-12.\)

A natural interpretation in an evolutionary game framework would be that \(\sigma _{d}^{S*}(p)=1,\) and \(q^{S}(d)\) decreases when the total activity is bounded. In other words, malicious senders continue recruiting, but some malicious senders drop out since not all of them are supported in equilibrium.

Free community-based mapping, traffic and navigation app. Waze Mobile. https://www.waze.com/

Visions and challenges for realising the internet of things. Technical report, CERP IoT Cluster, European Commission (2010)

Account lockout threshold. Microsoft TechNet (2014). https://technet.microsoft.com/en-us/library/hh994574(v=ws.11).aspx

Amini, S., Mohsenian-Rad, H., Pasqualetti, F.: Dynamic load altering attacks in smart grid. In: Innovative Smart Grid Technologies Conference, pp. 1–5. IEEE (2015)

Bensoussan, A., Kantarcioglu, M., Hoe, S.R.C.: A game-theoretical approach for finding optimal strategies in a botnet defense model. In: Alpcan, T., Buttyán, L., Baras, J.S. (eds.) GameSec 2010. LNCS, vol. 6442, pp. 135–148. Springer, Heidelberg (2010). doi:10.1007/978-3-642-17197-0_9 CrossRef

Byers, T.: Demand response and the IoT: using data to maximize customer benefit. Comverge Blog (2017). http://www.comverge.com/blog/february-2017/demand-response-and-iot-using-data-to-maximize-cus/

Crawford, V.P., Sobel, J.: Strategic information transmission. Econom. J. Econom. Soc. 50(6), 1431–1451 (1982)MathSciNetMATH

Fudenberg, D., Tirole, J.: Game Theory, vol. 393. MIT Press, Cambridge (1991)MATH

Glover, J.D., Sarma, M.S., Overbye, T.: Power System Analysis & Design, SI Version. Cengage Learning, Boston (2012)

10.

Hammerstrom, D.J.: Part II. Grid friendly appliance project. In: GridWise Testbed Demonstration Projects. Pacific Northwest National Laboratory (2007)

11.

Hayel, Y., Zhu, Q.: Epidemic protection over heterogeneous networks using evolutionary poisson games. IEEE Trans. Inf. Forensics Secur. 12(8), 1786–1800 (2017)CrossRef

12.

Herzberg, B., Bekerman, D., Zeifman, I.: Breaking down mirai: An IoT DDoS botnet analysis. Incapsula Blog, Bots and DDoS, Security (2016). https://www.incapsula.com/blog/malware-analysis-mirai-ddos-botnet.html

13.

Higgins, K.J.: Conficker botnet ‘dead in the water’, researcher says, 2010. Dark Reading. http://www.darkreading.com/attacks-breaches/conficker-botnet-dead-in-the-water-researcher-says/d/d-id/1133327?

14.

Lewis, D.: Convention: A Philosophical Study. Wiley, New York (2008)

15.

Meyer, R.: How a Bunch of Hacked DVR Machines Took Down Twitter and Reddit. The Atlantic, Darya Ganj (2016)

16.

Mohammadi, A., Manshaei, M.H., Moghaddam, M.M., Zhu, Q.: A game-theoretic analysis of deception over social networks using fake avatars. In: Zhu, Q., Alpcan, T., Panaousis, E., Tambe, M., Casey, W. (eds.) GameSec 2016. LNCS, vol. 9996, pp. 382–394. Springer, Cham (2016). doi:10.1007/978-3-319-47413-7_22

17.

Mohsenian-Rad, A.-H., Leon-Garcia, A.: Distributed internet-based load altering attacks against smart power grids. IEEE Trans. Smart Grid 2(4), 667–674 (2011)CrossRef

18.

Myerson, R.B.: Population uncertainty and poisson games. Int. J. Game Theor. 27(3), 375–392 (1998)MathSciNetCrossRefMATH

19.

Pawlick, J., Farhang, S., Zhu, Q.: Flip the cloud: cyber-physical signaling games in the presence of advanced persistent threats. In: Khouzani, M.H.R., Panaousis, E., Theodorakopoulos, G. (eds.) GameSec 2015. LNCS, vol. 9406, pp. 289–308. Springer, Cham (2015). doi:10.1007/978-3-319-25594-1_16 CrossRef

20.

Pawlick, J., Zhu, Q.: Deception by design: evidence-based signaling games for network defense. In: Workshop on the Economics of Information Security and Privacy, Delft, The Netherlands (2015)

21.

Pawlick, J., Zhu, Q.: Strategic trust in cloud-enabled cyber-physical systems with an application to glucose control. IEEE Trans. Inf. Forensics and Secur. (2017, to appear)

22.

Radke, R.J., Woodstock, T-K., Imam, M.H., Sanderson, A.C., Mishra, S.: Advanced sensing and control in the smart conference room at the center for lighting enabled systems and applications. In: SID Symposium Digest of Technical Papers, vol. 47, pp. 193–196. Wiley Online Library (2016)

23.

Vrij, A., Mann, S.A., Fisher, R.P., Leal, S., Milne, R., Bull, R.: Increasing cognitive load to facilitate lie detection: the benefit of recalling an event in reverse order. Law Hum. Behav. 32(3), 253–265 (2008)CrossRef

24.

Wu, Q., Shiva, S., Roy, S., Ellis, C., Datla, C.: On modeling and simulation of game theory-based defense mechanisms against DoS and DDoS attacks. In: Proceedings of Spring Simulation Multiconference, p. 159. Society for Computer Simulation International (2010)

Title: Proactive Defense Against Physical Denial of Service Attacks Using Poisson Signaling Games
Authors: Jeffrey Pawlick
Quanyan Zhu
Publisher: Springer International Publishing
Book: Decision and Game Theory for Security
Print ISBN: 978-3-319-68710-0

Electronic ISBN: 978-3-319-68711-7

Copyright Year: 2017
DOI: https://doi.org/10.1007/978-3-319-68711-7_18

Springer Professional

Abstract

Please log in to get access to your license.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"

Premium Partner