
Game-Theoretic Approach to Feedback-Driven Multi-stage Moving Target Defense

  • Conference paper
Decision and Game Theory for Security (GameSec 2013)

Part of the book series: Lecture Notes in Computer Science (LNSC, volume 8252)


Abstract

The static nature of computer networks allows malicious attackers to easily gather useful information about the network using network scanning and packet sniffing. The employment of secure perimeter firewalls and intrusion detection systems cannot fully protect the network from sophisticated attacks. As an alternative to the expensive and imperfect detection of attacks, it is possible to improve network security by manipulating the attack surface of the network in order to create a moving target defense. In this paper, we introduce a proactive defense scheme that dynamically alters the attack surface of the network to make it difficult for attackers to gather system information by increasing complexity and reducing its signatures. We use concepts from systems and control literature to design an optimal and efficient multi-stage defense mechanism based on a feedback information structure. The change of attack surface involves a reconfiguration cost and a utility gain resulting from risk reduction. We use information- and control-theoretic tools to provide closed-form optimal randomization strategies. The results are corroborated by a case study and several numerical examples.

Copyright information

© 2013 Springer International Publishing Switzerland

About this paper

Cite this paper

Zhu, Q., Başar, T. (2013). Game-Theoretic Approach to Feedback-Driven Multi-stage Moving Target Defense. In: Das, S.K., Nita-Rotaru, C., Kantarcioglu, M. (eds) Decision and Game Theory for Security. GameSec 2013. Lecture Notes in Computer Science, vol 8252. Springer, Cham. https://doi.org/10.1007/978-3-319-02786-9_15

  • DOI: https://doi.org/10.1007/978-3-319-02786-9_15

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-02785-2

  • Online ISBN: 978-3-319-02786-9

  • eBook Packages: Computer Science, Computer Science (R0)
