Cyber Threat Screening Using a Queuing-Based Game-Theoretic Approach
Abstract:
Dynamic and uncertain security environments, such as cyber systems, often involve strategic interactions among multiple decision-making agents. In this paper, the authors consider a cybersecurity setting in which a system administrator (defender) has to screen malicious service requests from an attacker seeking to exhaust available cyber resources and inconvenience users with legitimate requests. This paper proposes a novel cyber-threat inspection model, based on Stackelberg games, that unifiesaspects of Threat Security Games with the Erlang-B queuing framework to provide equilibrium strategies for both the attacker and defender. In the proposed model, the defender seeks to determine the optimal number of security inspection servers required to maximise probability of detecting malicious requests, while the attacker maximises the proba-bility of legitimate requests dropping out of the system. Analytical expressions of the equilibrium solutions of the proposed Stackelberg game are derived under realistic assumptions of system observability and payofffunctions. A numerical case study is presented, and steps for further research are identified
AUTHORS
Pacific Northwest National Laboratory
Richland, Washington, United States
Arnab Bhattacharyais an Operations Research Scientist in the Optimization and Control group at PNNL. His current work lies at the intersection of machine learning, optimization, and optimal control with applications in cyber-physical security and distributed energy systems as part of projects funded by DOE and ARPA-e. Arnab graduated with a Ph.D. in Operations Research from the University of Pittsburgh in 2017 and holds a B. Tech in Industrial Engineering from Indian Institute of Technology (IIT), Kharagpur, India. He is currently a member of IEEE, INFORMS and SIAM.
Michigan State University East Lansing, Michigan,
United States
Shaunak D. Bopardikar is an Assistant Professor with the Electrical and Computer Engineering Department at Michigan State University, East Lansing, MI. His research interests lie in scalable computation and optimisation, in cyber-physical security, and in autonomous motion planning and control. He received the Bachelor of Technology (B. Tech.) and Master of Technology (M. Tech.) degrees in Mechanical Engineering from Indian Institute of Technology, Bombay, India, in 2004, and the Ph.D. degree in Mechanical Engineering from the University of California at Santa Barbara, California, in 2010. He worked as a post-doctoral associate at UC Santa Barbara (2010-2011) during which he developed randomised algorithms for solving large matrix games. From 2011 to 2018, he was a Staff Research Scientist with the Controls group of United Technologies Research Center (UTRC) at East Hartford, Connecticut, and at Berkeley, California. He is a Senior Member of the IEEE, has over 50 refereed journal and conference publications, and has one invention filed for a U.S. patent.
Pacific Northwest National Laboratory
Richland, Washington, United States
Samrat Chatterjee is a Data/Operations Research Scientist and Team Lead with the Data Sciences and Machine Intelligence Group at PNNL. His research focuses on cyber and physical infrastructure resilience modeling, risk and decision analysis, and data/graph analytics in support of the Department of Energy (DOE), Department of Homeland Security (DHS), and the Department of Defense (DoD). He also serves as the lead for Artificial Intelligence (AI) systems thrust within PNNL’s multi-year AI research initiative and holds an affiliate faculty appointment in the Civil and Environmental Engineering department at Northeastern University in Boston, MA. Samrat conducted postdoctoral research on infrastructure risk and decision analysis at the DHS-CREATE Homeland Security Center of Excellence at the University of Southern California and holds a Ph.D. in Civil Systems Engineering from Vanderbilt University. He has authored two books, four book chapters, and over 60 peer-reviewed journal articles, conference papers, and technical reports, and received multiple best paper and poster awards. He is a senior member of the Institute of Electrical and Electronics Engineers (IEEE); and a member of the Society for Risk Analysis (SRA) and the Military Operations Research Society (MORS).
Pacific Northwest National Laboratory
Richland, Washington, United States
Draguna Vrabie is Chief Data Scientist and Team Lead with the Data Sciences and Machine Intelligence Group at PNNL. Her work at the intersection of control system theory and machine learning is aimed at design of adaptive decision and control systems. Her current focus is on methodologies and algorithms for design and operation of high-performance cyber-physical systems. Prior to joining PNNL in 2015, she was a senior scientist at United Technologies Research Center, East Hartford, Connecticut. Draguna holds a Ph.D. in Electrical Engineering from the University of Texas at Arlington, and an M.E. and B.E. in Automatic Control and Computer Engineering from Gheorghe Asachi Technical University, Iaşi, Romania. She co-authored two books on optimal control, reinforcement learning, and differential games; has published over 50 peer-reviewed journal articles and conference papers; and holds 3 patents. She is a member of the IEEE.
Published In
Journal of Information Warfare
The definitive publication for the best and latest research and analysis on information warfare, information operations, and cyber crime. Available in traditional hard copy or online.
Quick Links
Archive
