Game-Theory-Based Active Defense for Intrusion Detection in Cyber-Physical Embedded Systems
Title | Game-Theory-Based Active Defense for Intrusion Detection in Cyber-Physical Embedded Systems |
Publication Type | Journal Article |
Year of Publication | 2016 |
Authors | Wang, Kun, Du, Miao, Yang, Dejun, Zhu, Chunsheng, Shen, Jian, Zhang, Yan |
Journal | ACM Trans. Embed. Comput. Syst. |
Volume | 16 |
Pagination | 18:1–18:21 |
ISSN | 1539-9087 |
Keywords | actuator security, composability, Cyber-physical embedded systems, embedded sensor network, game theory, Human Behavior, Intrusion detection, Metrics, Network security, optimal active defense, pubcrawl, Resiliency |
Abstract | Cyber-Physical Embedded Systems (CPESs) are distributed embedded systems integrated with various actuators and sensors. When it comes to the issue of CPES security, the most significant problem is the security of Embedded Sensor Networks (ESNs). With the continuous growth of ESNs, the security of transferring data from sensors to their destinations has become an important research area. Due to the limitations in power, storage, and processing capabilities, existing security mechanisms for wired or wireless networks cannot apply directly to ESNs. Meanwhile, ESNs are likely to be attacked by different kinds of attacks in industrial scenarios. Therefore, there is a need to develop new techniques or modify the current security mechanisms to overcome these problems. In this article, we focus on Intrusion Detection (ID) techniques and propose a new attack-defense game model to detect malicious nodes using a repeated game approach. As a direct consequence of the game model, attackers and defenders make different strategies to achieve optimal payoffs. Importantly, error detection and missing detection are taken into consideration in Intrusion Detection Systems (IDSs), where a game tree model is introduced to solve this problem. In addition, we analyze and prove the existence of pure Nash equilibrium and mixed Nash equilibrium. Simulations show that the proposed model can both reduce energy consumption by up to 50% compared with the existing All Monitor (AM) model and improve the detection rate by up to 10% to 15% compared with the existing Cluster Head (CH) monitor model. |
URL | http://doi.acm.org/10.1145/2886100 |
DOI | 10.1145/2886100 |
Citation Key | wang_game-theory-based_2016 |