A Game-Theoretical Self-Adaptation Framework for Securing Software-Intensive Systems

by Mingyue Zhang, et al.

The increasing prevalence of security attacks on software-intensive systems calls for new, effective methods for detecting and responding to these attacks. As one promising approach, game theory provides analytical tools for modeling the interaction between the system and the adversarial environment and for designing reliable defenses. In this paper, we propose an approach for securing software-intensive systems using a rigorous game-theoretical framework. First, a self-adaptation framework is deployed on a component-based software-intensive system, which periodically monitors the system for anomalous behaviors. A learning-based method is proposed to detect possible ongoing attacks on the system components and predict potential threats to components. Then, once an attack is detected, an algorithm automatically builds a Bayesian game based on the system architecture (of which some components might have been compromised), in which the system components are modeled as independent players. Finally, an optimal defensive policy is computed by solving the Bayesian game to achieve the best system utility, which amounts to minimizing the impact of the attack. We conduct two sets of experiments on two general benchmark tasks for the security domain. Moreover, we systematically present a case study on a real-world water treatment testbed, i.e., the Secure Water Treatment System. Experimental results show the applicability and the effectiveness of our approach.


