A Dynamic Games Approach to Proactive Defense Strategies against Advanced Persistent Threats in Cyber-Physical Systems
share
Advanced Persistent Threats (APTs) have recently emerged as a significant security challenge for Cyber-Physical Systems (CPSs) due to APTs' stealthy, dynamic and adaptive nature. The proactive dynamic defense provides a strategic and holistic security mechanism to increase costs of attacks and mitigate risks. This work proposes a dynamic game framework to model the long-term interaction between the stealthy attacker and the proactive defender. The stealthy and deceptive behaviors are captured by the multistage game of incomplete information, where each player has his own private information unknown to the other. Both players act strategically according to their beliefs which are formed by multistage observation and learning. The solution concept of Perfect Bayesian Nash Equilibrium (PBNE) provides a useful prediction of both players' policies because no players benefit from unilateral deviations from the equilibrium. We propose an iterative algorithm to compute the PBNE and use Tennessee Eastman process as a benchmark case study. Our numerical experiment corroborates the analytical results and provides further insights into the design of proactive defense-in-depth strategies.
READ FULL TEXT