Cyber Threat Screening Using a Queuing-Based Game-Theoretic Approach

Abstract:

Dynamic and uncertain security environments, such as cyber systems, often involve strategic interactions among multiple decision-making agents. In this paper, the authors consider a cybersecurity setting in which a system administrator (defender) has to screen malicious service requests from an attacker seeking to exhaust available cyber resources and inconvenience users with legitimate requests. This paper proposes a novel cyber-threat inspection model, based on Stackelberg games, that unifiesaspects of Threat Security Games with the Erlang-B queuing framework to provide equilibrium strategies for both the attacker and defender. In the proposed model, the defender seeks to determine the optimal number of security inspection servers required to maximise probability of detecting malicious requests, while the attacker maximises the proba-bility of legitimate requests dropping out of the system. Analytical expressions of the equilibrium solutions of the proposed Stackelberg game are derived under realistic assumptions of system observability and payofffunctions. A numerical case study is presented, and steps for further research are identified


AUTHORS

Photo of Arnab Bhattacharya

Pacific Northwest National Laboratory Richland, Washington, 
United States

Arnab Bhattacharya is an Operations Research Scientist with the Environment and Energy Directorate (EED) at PNNL. His current work focuses on sequential decision-making problems under uncertainty, with methodological interests in the areas of stochastic optimisation, Markov decision processes, reinforcement learning, and game theory. Arnab received his Bachelor of Technology (B. Tech) degree in Industrial Engineering from the Indian Institute of Technology, Kharagpur, India, in 2012, and his Ph.D. in Industrial Engineering (with emphasis on Operations Research) from the University of Pittsburgh in 2012. He is currently a member of IEEE, INFORMS, and SIAM.

Photo of Shaunak D. Bopardikar

Michigan State University East Lansing, Michigan,
United States

Shaunak D. Bopardikar is an Assistant Professor with the Electrical and Computer Engineering Department at Michigan State University, East Lansing, MI. His research interests lie in scalable computation and optimisation, in cyber-physical security, and in autonomous motion planning and control. He received the Bachelor of Technology (B. Tech.) and Master of Technology (M. Tech.) degrees in Mechanical Engineering from Indian Institute of Technology, Bombay, India, in 2004, and the Ph.D. degree in Mechanical Engineering from the University of California at Santa Barbara, California, in 2010. He worked as a post-doctoral associate at UC Santa Barbara (2010-2011) during which he developed randomised algorithms for solving large matrix games. From 2011 to 2018, he was a Staff Research Scientist with the Controls group of United Technologies Research Center (UTRC) at East Hartford, Connecticut, and at Berkeley, California. He is a Senior Member of the IEEE, has over 50 refereed journal and conference publications, and has one invention filed for a U.S. patent.

Photo of Samrat Chatterjee

Pacific Northwest National Laboratory Richland, Washington, 
United States

Samrat Chatterjee is a Senior Operations Research Scientist and Team Lead with the National Security Directorate at PNNL. His research focuses on assessing and managing risks to critical cyber and physical infrastructure systems from multiple hazards using interdisciplinary methods from probabilistic risk analysis, decision making under uncertainty, multi-objective optimisation, game theory, statistical learning, and network science. He recently co-authored a book on economic consequence analysis of disasters; has published over 50 peer-reviewed journal articles, conference papers, and technical reports; and received two best paper awards in cybersecurity and disaster resilience at an Institute of Electrical and Electronics Engineers (IEEE) homeland security conference. Prior to joining PNNL, he was a postdoctoral researcher in infrastructure system risk and decision analysis at the DHS-CREATE Homeland Security Center of Excellence at University of Southern California. Samrat holds a Ph.D. from Vanderbilt University, an M.S. from University of Texas at Austin, and a B.E. (Honors) from Punjab Engineering College, India, all in Civil Systems Engineering. He is a member of the Society for Risk Analysis (SRA) and the Military Operations Research Society (MORS).

Photo of Draguna Vrabie

Pacific Northwest National Laboratory Richland, Washington,
United States

Draguna Vrabie is Chief Scientist in Optimization and Control with the Energy and Environment Directorate at PNNL. Her work at the intersection of control system theory and machine learning is aimed at design of adaptive decision and control systems. Her current focus is on methodologies and algorithms for design and operation of high-performance cyber-physical systems. Prior to joining PNNL in 2015, she was a senior scientist at United Technologies Research Center, East Hartford, Connecticut. Draguna holds a Ph.D. in Electrical Engineering from the University of Texas at Arlington, and an M.E. and B.E. in Automatic Control and Computer Engineering from Gheorghe Asachi Technical University, Iaşi, Romania. She co-authored two books on optimal control, reinforcement learning and differential games, has published over 50 peer-reviewed journal articles and conference papers, and holds 3 patents. She is a member of the IEEE.

 

Journal of Information Warfare

The definitive publication for the best and latest research and analysis on information warfare, information operations, and cyber crime. Available in traditional hard copy or online.

Quick Links

View the latest issue of JIW.

Latest Edition

Purchase a subscription to JIW.

Subscribe

Keywords

C

C2
C2S
CDX
CIA
CIP
CPS

I

IA
ICS

S

SOA

X

XRY

Quill Logo

The definitive publication for the best and latest research and analysis on information warfare, information operations, and cyber crime. Available in traditional hard copy or online.

SUBSCRIBE NOW

Get in touch

  • Journal of Information Warfare
    114 Ballard Street
    Yorktown, VA
    23690
  • 757.871.3949
  • jiw@gbpts.com