Biblio

Recommender system is to suggest items that might be interest of the users in social networks. Collaborative filtering is an approach that works based on similarity and recommends items liked by other similar users. Trust model adopts users' trust network in place of similarity. Multi-faceted trust model considers multiple and heterogeneous trust relationship among the users and recommend items based on rating exist in the network of trustees of a specific facet. This paper applies genetic algorithm to estimate parameters of multi-faceted trust model, in which the trust weights are calculated based on the ratings and the trust network for each facet, separately. The model was built on Epinions data set that includes consumers' opinion, rating for items and the web of trust network. It was used to predict users' rating for items in different facets and root mean squared of prediction error (RMSE) was considered as a measure of performance. Empirical evaluations demonstrated that multi-facet models improve performance of the recommender system.

With the advent of the Internet of Things (IoT) and big data, high fidelity localization and tracking systems that employ cameras, RFIDs, and attached sensors intrude on personal privacy. However, the benefit of localization information sharing enables trend forecasting and automation. To address this challenge, we introduce Wobly, an attribute based signature (ABS) that measures gait. Wobly passively receives Wi-Fi beacons and produces human signatures based on the Doppler Effect and multipath signals without attached devices and out of direct line-of-sight. Because signatures are specific to antenna placement and room configuration and do not require sensor attachments, the identities of the individuals can remain anonymous. However, the gait based signatures are still unique, and thus Wobly is able to track individuals in a building or home. Wobly uses the physical layer channel and the unique human gait as a means of encoding a person's identity. We implemented Wobly on a National Instruments Radio Frequency (RF) test bed. Using a simple naive Bayes classifier, the correct identification rate was 87% with line-of-sight (LoS) and 77% with non-line-of-sight (NLoS).

The concept of smart cities envisions services that provide distraction-free support for citizens. To realize this vision, the services must adapt to the citizens' situations, behaviors and intents at runtime. This requires services to gather and process the context of their users. Mobile devices provide a promising basis for determining context in an automated manner on a large scale. However, despite the wide availability of versatile programmable mobile platforms such as Android and iOS, there are only few examples of smart city applications. One reason for this is that existing software platforms primarily focus on low-level resource management which requires application developers to repeatedly tackle many challenging tasks. Examples include efficient data acquisition, secure and privacy-preserving data distribution as well as interoperable data integration. In this paper, we describe the GAMBAS middleware which tries to simplify the development of smart city applications. To do this, GAMBAS introduces a Java-based runtime system with an associated software development kit (SDK). To clarify how the runtime system and the SDK can be used for application development, we describe two simple applications that highlight different middleware functions.

Decoy routing is a promising new approach for censorship circumvention that relies on traffic re-direction by volunteer autonomous systems. Decoy routing is subject to a fundamental censorship attack, called routing around decoy (RAD), in which the censors re-route their clients' Internet traffic in order to evade decoy routing autonomous systems. Recently, there has been a heated debate in the community on the real-world feasibility of decoy routing in the presence of the RAD attack. Unfortunately, previous studies rely their analysis on heuristic-based mechanisms for decoy placement strategies as well as ad hoc strategies for the implementation of the RAD attack by the censors. In this paper, we perform the first systematic analysis of decoy routing in the presence of the RAD attack. We use game theory to model the interactions between decoy router deployers and the censors in various settings. Our game-theoretic analysis finds the optimal decoy placement strategies–-as opposed to heuristic-based placements–-in the presence of RAD censors who take their optimal censorship actions–-as opposed to some ad hoc implementation of RAD. That is, we investigate the best decoy placement given the best RAD censorship. We consider two business models for the real-world deployment of decoy routers: a central deployment that resembles that of Tor and a distributed deployment where autonomous systems individually decide on decoy deployment based on their economic interests. Through extensive simulation of Internet routes, we derive the optimal strategies in the two models for various censoring countries and under different assumptions about the budget and preferences of the censors and decoy deployers. We believe that our study is a significant step forward in understanding the practicality of the decoy routing circumvention approach.

In many Internet of Thing (IoT) application domains security is a critical requirement, because malicious parties can undermine the effectiveness of IoT-based systems by compromising single components and/or communication channels. Thus, a security infrastructure is needed to ensure the proper functioning of such systems even under attack. However, it is also critical that security be at a reasonable resource and energy cost, as many IoT devices may not have sufficient resources to host expensive security tools. In this paper, we focus on the problem of efficiently and effectively securing IoT networks by carefully allocating security tools. We model our problem according to game theory, and provide a Pareto-optimal solution, in which the cost of the security infrastructure, its energy consumption, and the probability of a successful attack, are minimized. Our experimental evaluation shows that our technique improves the system robustness in terms of packet delivery rate for different network topologies.

In Bitcoin's incentive system that supports open mining pools, block withholding attacks incur huge security threats. In this paper, we investigate the mutual attacks among pools as this determines the macroscopic utility of the whole distributed system. Existing studies on pools' interactive attacks usually employ the conventional game theory, where the strategies of the players are considered pure and equal, neglecting the existence of powerful strategies and the corresponding favorable game results. In this study, we take advantage of the Zero-Determinant (ZD) strategy to analyze the block withholding attack between any two pools, where the ZD adopter has the unilateral control on the expected payoffs of its opponent and itself. In this case, we are faced with the following questions: who can adopt the ZD strategy? individually or simultaneously? what can the ZD player achieve? In order to answer these questions, we derive the conditions under which two pools can individually or simultaneously employ the ZD strategy and demonstrate the effectiveness. To the best of our knowledge, we are the first to use the ZD strategy to analyze the block withholding attack among pools.

In this paper, we study system security against Advanced Persistent Threats (APTs). APTs are stealthy and persistent but APTs interact with system and introduce information flows in the system as data-flow and control-flow commands. Dynamic Information Flow Tracking (DIFT) is a promising detection mechanism against APTs which taints suspicious input sources in the system and performs online security analysis when a tainted information is used in unauthorized manner. Our objective in this paper is to model DIFT that handle data-flow and conditional branches in the program that arise from control-flow commands. We use game theoretic framework and provide the first analytical model of DIFT with data-flow and conditional-branch tracking. Our game model which is an undiscounted infinite-horizon stochastic game captures the interaction between APTs and DIFT and the notion of conditional branching. We prove that the best response of the APT is a maximal reachability probability problem and provide a polynomial-time algorithm to find the best response by solving a linear optimization problem. We formulate the best response of the defense as a linear optimization problem and show that an optimal solution to the linear program returns a deterministic optimal policy for the defense. Since finding Nash equilibrium for infinite-horizon undiscounted stochastic games is computationally difficult, we present a nonlinear programming based polynomial-time algorithm to find an E-Nash equilibrium. Finally, we perform experimental analysis of our algorithm on real-world data for NetRecon attack augmented with conditional branching.

Today's network is distributed and heterogeneous in nature and has numerous applications which affect day to day life, such as e-Banking, e-Booking of tickets, on line shopping etc. Hence the security of the network is crucial. Threats in the network can be due to intrusions. Such threats can be observed and handled using Intrusion Detection System. The security can be achieved using intrusion detection system, which observes the data traffic and identifies it as an intrusion or not. The objective of this paper is to design a model using game theoretic approach for intrusion detection. Game model is designed by defining players, strategies and utility functions to identify the Probe attacks. This model is tested with NSLKDD data set. The model is the Probe attacks are identified by dominated strategies elimination method. Experimental results shows that game model identifies the attacks with good detection rate.

This paper presents a novel game theoretic attack-defence decision making framework for cyber-physical system (CPS) security. Game theory is a powerful tool to analyse the interaction between the attacker and the defender in such scenarios. In the formulation of games, participants are usually assumed to be rational. They will always choose the action to pursuit maximum payoff according to the knowledge of the strategic situation they are in. However, in reality the capacity of rationality is often bounded by the level of intelligence, computational resources and the amount of available information. This paper formulates the concept of bounded rationality into the decision making process, in order to optimise the defender's strategy considering that the defender and the attacker have incomplete information of each other and limited computational capacity. Under the proposed framework, the defender can often benefit from deviating from the minimax Nash Equilibrium strategy, the theoretically expected outcome of rational game playing. Numerical results are presented and discussed in order to demonstrate the proposed technique.

Blockchain has been applied to study data privacy and network security recently. In this paper, we propose a punishment scheme based on the action record on the blockchain to suppress the attack motivation of the edge servers and the mobile devices in the edge network. The interactions between a mobile device and an edge server are formulated as a blockchain security game, in which the mobile device sends a request to the server to obtain real-time service or launches attacks against the server for illegal security gains, and the server chooses to perform the request from the device or attack it. The Nash equilibria (NEs) of the game are derived and the conditions that each NE exists are provided to disclose how the punishment scheme impacts the adversary behaviors of the mobile device and the edge server.

Mobile Ad-hoc Networks are dynamic in nature and do not have fixed infrastructure to govern nodes in the networks. The mission lies ahead in coordinating among such dynamically shifting nodes. The root problem of identifying and isolating misbehaving nodes that refuse to forward packets in multi-hop ad hoc networks is solved by the development of a comprehensive system called Audit-based Misbehavior Detection (AMD) that can efficiently isolates selective and continuous packet droppers. AMD evaluates node behavior on a per-packet basis, without using energy-expensive overhearing techniques or intensive acknowledgment schemes. Moreover, AMD can detect selective dropping attacks even in end-to-end encrypted traffic and can be applied to multi-channel networks. Game theoretical approaches are more suitable in deciding upon the reward mechanisms for which the mobile nodes operate upon. Rewards or penalties have to be decided by ensuring a clean and healthy MANET environment. A non-routine yet surprise alterations are well required in place in deciding suitable and safe reward strategies. This work focuses on integrating a Audit-based Misbehaviour Detection (AMD)scheme and an incentive based reputation scheme with game theoretical approach called Supervisory Game to analyze the selfish behavior of nodes in the MANETs environment. The proposed work GAMD significantly reduces the cost of detecting misbehavior nodes in the network.

Allocating several Virtual Machines (VMs) onto a single server helps to increase cloud computing resource utilization and to reduce its operating expense. However, multiplexing VMs with different security levels on a single server gives rise to major VM-to-VM cybersecurity interdependency risks. In this paper, we address the problem of the static VM allocation with cybersecurity loss awareness by modeling it as a two-player zero-sum game between an attacker and a provider. We first obtain optimal solutions by employing the mathematical programming approach. We then seek to find the optimal solutions by quickly identifying the equilibrium allocation strategies in our formulated zero-sum game. We mean by "equilibrium" that none of the provider nor the attacker has any incentive to deviate from one's chosen strategy. Specifically, we study the characteristics of the game model, based on which, to develop effective and efficient allocation algorithms. Simulation results show that our proposed cybersecurity-aware consolidation algorithms can significantly outperform the commonly used multi-dimensional bin packing approaches for large-scale cloud data centers.

Privacy preserving on data publication has been an important research field over the past few decades. One of the fundamental challenges in privacy preserving data publication is the trade-off problem between privacy and utility of the single and independent data set. However, recent research works have shown that the advanced privacy mechanism, i.e., differential privacy, is vulnerable when multiple data sets are correlated. In this case, the trade-off problem between privacy and utility is evolved into a game problem, in which the payoff of each player is dependent not only on his privacy parameter, but also on his neighbors' privacy parameters. In this paper, we firstly present the definition of correlated differential privacy to evaluate the real privacy level of a single data set influenced by the other data sets. Then, we construct a game model of multiple players, who each publishes the data set sanitized by differential privacy. Next, we analyze the existence and uniqueness of the pure Nash Equilibrium and demonstrate the sufficient conditions in the game. Finally, we refer to a notion, i.e., the price of anarchy, to evaluate efficiency of the pure Nash Equilibrium.

This survey provides a structured and comprehensive overview of research on security and privacy in computer and communication networks that use game-theoretic approaches. We present a selected set of works to highlight the application of game theory in addressing different forms of security and privacy problems in computer networks and mobile applications. We organize the presented works in six main categories: security of the physical and MAC layers, security of self-organizing networks, intrusion detection systems, anonymity and privacy, economics of network security, and cryptography. In each category, we identify security problems, players, and game models. We summarize the main results of selected works, such as equilibrium analysis and security mechanism designs. In addition, we provide a discussion on the advantages, drawbacks, and future direction of using game theory in this field. In this survey, our goal is to instill in the reader an enhanced understanding of different research approaches in applying gametheoretic methods to network security. This survey can also help researchers from various fields develop game-theoretic solutions to current and emerging security problems in computer networking.

Recent attacks show that threats to cyber infrastructure are not only increasing in volume, but are getting more sophisticated. The attacks may comprise multiple actions that are hard to differentiate from benign activity, and therefore common detection techniques have to deal with high false positive rates. Because of the imperfect performance of automated detection techniques, responses to such attacks are highly dependent on human-driven decision-making processes. While game theory has been applied to many problems that require rational decisionmaking, we find limitation on applying such method on security games. In this work, we propose Q-Learning to react automatically to the adversarial behavior of a suspicious user to secure the system. This work compares variations of Q-Learning with a traditional stochastic game. Simulation results show the possibility of Naive Q-Learning, despite restricted information on opponents.

5G mobile networks promise universal communication environment and aims at providing higher bandwidth, increased communication and networking capabilities, and extensive signal coverage by using multiple communication technologies including Device-to-Device (D-to-D). This paradigm, will allow scalable and ubiquitous connectivity for large-scale mobile networks where a huge number of heterogeneous devices with limited resources will cooperate to enhance communication efficiency in terms of link reliability, spectral efficiency, system capacity, and transmission range. However, owing to its decentralized nature, cooperative D-to-D communication could be vulnerable to attacks initiated on relay nodes. Consequently, a source node has the interest to select the more protected relay to ensure the security of its traffic. Nevertheless, an improvement in the protection level has a counterpart cost that must be sustained by the device. To address this trade-off as well as the interaction between the attacker and the source device, we propose a dynamic game theoretic based approach to model and analyze this problem as a cost model. The utility function of the proposed non-cooperative game is based on the concepts of return on protection and return on attack which illustrate the gain of selecting a relay for transmitting a data packet by a source node and the reward of the attacker to perform an attack to compromise the transmitted data. Moreover, we discuss and analyze Nash equilibrium convergence of this attack-defense model and we propose an heuristic algorithm that can determine the equilibrium state in a limited number of running stages. Finally, we perform simulation work to show the effectiveness of the game model in assessing the behavior of the source node and the attacker and its ability to reach equilibrium within a finite number of steps.

Security evaluation of diverse SDN frameworks is of significant importance to design resilient systems and deal with attacks. Focused on SDN scenarios, a game-theoretic model is proposed to analyze their security performance in existing SDN architectures. The model can describe specific traits in different structures, represent several types of information of players (attacker and defender) and quantitatively calculate systems' reliability. Simulation results illustrate dynamic SDN structures have distinct security improvement over static ones. Besides, effective dynamic scheduling mechanisms adopted in dynamic systems can enhance their security further.

Wireless sensor networks are subject to attacks such as node capture and cloning, where an attacker physically captures sensor nodes, replicates the nodes, which are deployed into the network, and proceeds to take over the network. In this paper, we develop models for such an attack when there are multiple attackers in a network, and formulate multi-player games to model the noncooperative strategic behavior between the attackers and the network. We consider two cases: a static case where the attackers’ node capture rates are time-invariant and the network’s clone detection/revocation rate is a linear function of the state, and a dynamic case where the rates are general functions of time. We characterize Nash equilibrium solutions for both cases and derive equilibrium strategies for the players. In the static case, we study both the single-attacker and the multi-attacker games within an optimization framework, provide conditions for the existence of Nash equilibria and characterize them in closed forms. In the dynamic case, we study the underlying multi-person differential game under an open-loop information structure and provide a set of conditions to characterize the open-loop Nash equilibrium. We show the equivalence of the Nash equilibrium for the multi-person game to the saddle-point equilibrium between the network and the attackers as a team. We illustrate our results with numerical examples.

Large-scale infrastructures are critical to economic and social development, and hence their continued performance and security are of high national importance. Such an infrastructure often is a system of systems, and its functionality critically depends on the inherent robustness of its constituent systems and its defense strategy for countering attacks. Additionally, interdependencies between the systems play another critical role in determining the infrastructure robustness specified by its survival probability. In this paper, we develop game-theoretic models between a defender and an attacker for a generic system of systems using inherent parameters and conditional survival probabilities that characterize the interdependencies. We derive Nash Equilibrium conditions for the cases of interdependent and independent systems of systems under sum-form utility functions. We derive expressions for the infrastructure survival probability that capture its dependence on cost and system parameters, and also on dependencies that are specified by conditional probabilities. We apply the results to cyber-physical systems which show the effects on system survival probability due to defense and attack intensities, inherent robustness, unit cost, target valuation, and interdependencies.

In this paper, we consider an attack on a string of automated vehicles, or platoons, from a game-theoretic standpoint. Game theory enables us to ask the question of optimality in an adversarial environment; what is the optimal strategy that an attacker can use to disrupt the operation of automated vehicles, considering that the defenders are also optimally trying to maintain normal operation. We formulate a zero-sum game and find optimal controllers for different game parameters. A platoon is then simulated and its closed loop stability is then evaluated in the presence of an optimal attack. It is shown that with the constraint of optimality, the attacker cannot significantly degrade the stability of a vehicle platoon in nominal cases. It is motivated that in order to have an optimal solution that is nearly unstable, the game has to be formulated almost unfairly in favor of the attacker.

In the Internet-of-Things (IoT), users might share part of their data with different IoT prosumers, which offer applications or services. Within this open environment, the existence of an adversary introduces security risks. These can be related, for instance, to the theft of user data, and they vary depending on the security controls that each IoT prosumer has put in place. To minimize such risks, users might seek an “optimal” set of prosumers. However, assuming the adversary has the same information as the users about the existing security measures, he can then devise which prosumers will be preferable (e.g., with the highest security levels) and attack them more intensively. This paper proposes a decision-support approach that minimizes security risks in the above scenario. We propose a non-cooperative, two-player game entitled Prosumers Selection Game (PSG). The Nash Equilibria of PSG determine subsets of prosumers that optimize users' payoffs. We refer to any game solution as the Nash Prosumers Selection (NPS), which is a vector of probabilities over subsets of prosumers. We show that when using NPS, a user faces the least expected damages. Additionally, we show that according to NPS every prosumer, even the least secure one, is selected with some non-zero probability. We have also performed simulations to compare NPS against two different heuristic selection algorithms. The former is proven to be approximately 38% more effective in terms of security-risk mitigation.

The static nature of computer networks allows malicious attackers to easily gather useful information about the network using network scanning and packet sniffing. The employment of secure perimeter firewalls and intrusion detection systems cannot fully protect the network from sophisticated attacks. As an alternative to the expensive and imperfect detection of attacks, it is possible to improve network security by manipulating the attack surface of the network in order to create a moving target defense. In this paper, we introduce a proactive defense scheme that dynamically alters the attack surface of the network to make it difficult for attackers to gather system information by increasing complexity and reducing its signatures. We use concepts from systems and control literature to design an optimal and efficient multi-stage defense mechanism based on a feedback information structure. The change of
attack surface involves a reconfiguration cost and a utility gain resulting from risk reduction. We use information- and control-theoretic tools to provide closed-form optimal randomization strategies. The results are corroborated by a case study and several numerical examples.

Performance of routing is severely degraded when misbehaving nodes drop packets instead of properly forwarding them. In this paper, we propose a Game-Theoretic Adaptive Multipath Routing (GTAMR) protocol to detect and punish selfish or malicious nodes which try to drop information packets in routing phase and defend against collaborative attacks in which nodes try to disrupt communication or save their power. Our proposed algorithm outranks previous schemes because it is resilient against attacks in which more than one node coordinate their misbehavior and can be used in networks which wireless nodes use directional antennas. We then propose a game theoretic strategy, ERTFT, for nodes to promote cooperation. In comparison with other proposed TFT-like strategies, ours is resilient to systematic errors in detection of selfish nodes and does not lead to unending death spirals.

To meet the growing railway-transportation demand, a new train control system, communication-based train control (CBTC) system, aims to maximize the ability of train lines by reducing the headway of each train. However, the wireless communications expose the CBTC system to new security threats. Due to the cyber-physical nature of the CBTC system, a jamming attack can damage the physical part of the train system by disrupting the communications. To address this issue, we develop a secure framework to mitigate the impact of the jamming attack based on a security criterion. At the cyber layer, we apply a multi-channel model to enhance the reliability of the communications and develop a zero-sum stochastic game to capture the interactions between the transmitter and jammer. We present analytical results and apply dynamic programming to find the equilibrium of the stochastic game. Finally, the experimental results are provided to evaluate the performance of the proposed secure mechanism.

With a large number of sensors and control units in networked systems, distributed support vector machines (DSVMs) play a fundamental role in scalable and efficient multi-sensor classification and prediction tasks. However, DSVMs are vulnerable to adversaries who can modify and generate data to deceive the system to misclassification and misprediction. This work aims to design defense strategies for DSVM learner against a potential adversary. We use a game-theoretic framework to capture the conflicting interests between the DSVM learner and the attacker. The Nash equilibrium of the game allows predicting the outcome of learning algorithms in adversarial environments, and enhancing the resilience of the machine learning through dynamic distributed algorithms. We develop a secure and resilient DSVM algorithm with rejection method, and show its resiliency against adversary with numerical experiments.