Saurabh Amin, Galina A. Schwartz, Alvaro Cardenas, Shankar Sastry.
2015.
Game-Theoretic Models of Electricity Theft Detection in Smart Utility Networks. IEEE Control Systems Magazine.
The article by Amin, Schwartz, Cárdenas, and Sastry investigates energy theft in smart utility networks using techniques from game theory and detection theory. The game-theoretic model considers pricing and investment decisions by a distribution utility when it serves a population of strategic customers, and a fraction of customers are fraudulent. Each fraudulent customer chooses to steal electricity after accounting for the probability of fraud detection and the amount of fine that they pay if detected. The probabilistic rate of successful detection depends on the distributor's implementation of a diagnostic scheme and increases with the level of investment made by the distributor in monitoring fraud. The distributor (leader) chooses the level of investment, the price per unit quantity of billed electricity, and the fine schedule. The customers (followers) make their choices after they learn the distributor's decision. For specific assumptions on customer utilities and a distributor's profit function, this leader-follower game is used to compute equilibrium customer and distributor choices. For two environments, namely an unregulated monopoly and the case of perfect competition, the results provide an estimate of the extent of stealing for different levels of investment (high versus low). These results point toward the need for creating regulatory measures to incentivize investments in security and fraud monitoring.
Aron Laszka, Waseem Abbas, Shankar Sastry, Yevgeniy Vorobeychik, Xenofon Koutsoukos.
2016.
Optimal Thresholds for Intrusion Detection Systems. 3rd Annual Symposium and Bootcamp on the Science of Security (HotSoS).
In recent years, we have seen a number of successful attacks against high-profile targets, some of which have even caused severe physical damage. These examples have shown us that resourceful and determined attackers can penetrate virtually any system, even those that are secured by the "air-gap." Consequently, in order to minimize the impact of stealthy attacks, defenders have to focus not only on strengthening the first lines of defense but also on deploying effective intrusion-detection systems. Intrusion-detection systems can play a key role in protecting sensitive computer systems since they give defenders a chance to detect and mitigate attacks before they could cause substantial losses. However, an over-sensitive intrusion-detection system, which produces a large number of false alarms, imposes prohibitively high operational costs on a defender since alarms need to be manually investigated. Thus, defenders have to strike the right balance between maximizing security and minimizing costs. Optimizing the sensitivity of intrusion detection systems is especially challenging in the case when multiple interdependent computer systems have to be defended against a strategic attacker, who can target computer systems in order to maximize losses and minimize the probability of detection. We model this scenario as an attacker-defender security game and study the problem of finding optimal intrusion detection thresholds.