| Title | Evolving Risk Management Against Advanced Persistent Threats in Fog Computing |
| Publication Type | Conference Paper |
| Year of Publication | 2018 |
| Authors | Feng, S., Xiong, Z., Niyato, D., Wang, P., Leshem, A. |
| Conference Name | 2018 IEEE 7th International Conference on Cloud Networking (CloudNet) |
| Date Published | oct |
| Keywords | advanced persistent threats, advanced persistent threats attack, Advanced Persistent Threats attacks, Computational modeling, cyber risk management, cyber-insurace, cyber-insurance, cyberattack, defense computing resources, distributed processing, edge computing, evolutionary computation, evolutionary subgame, Fog Computing, fog computing provider, game theory, Games, Human Behavior, Insurance, Metrics, mobile computing, neutralizing cyber risks, optimisation, Optimization, probability, pubcrawl, purchases ratio, Resiliency, risk management, Scalability, security of data, Stackelberg game, virtualization |
| Abstract | With the capability of support mobile computing demand with small delay, fog computing has gained tremendous popularity. Nevertheless, its highly virtualized environment is vulnerable to cyber attacks such as emerging Advanced Persistent Threats attack. In this paper, we propose a novel approach of cyber risk management for the fog computing platform. Particularly, we adopt the cyber-insurance as a tool for neutralizing cyber risks from fog computing platform. We consider a fog computing platform containing a group of fog nodes. The platform is composed of three main entities, i.e., the fog computing provider, attacker, and cyber-insurer. The fog computing provider dynamically optimizes the allocation of its defense computing resources to improve the security of the fog computing platform. Meanwhile, the attacker dynamically adjusts the allocation of its attack resources to improve the probability of successful attack. Additionally, to prevent from the potential loss due to attacks, the provider also makes a dynamic decision on the purchases ratio of cyber-insurance from the cyber-insurer for each fog node. Thereafter, the cyber-insurer accordingly determines the premium of cyber-insurance for each fog node. In our formulated dynamic Stackelberg game, the attacker and provider act as the followers, and the cyber-insurer acts as the leader. In the lower level, we formulate an evolutionary subgame to analyze the provider's defense and cyber-insurance subscription strategies as well as the attacker's attack strategy. In the upper level, the cyber-insurer optimizes its premium determination strategy, taking into account the evolutionary equilibrium at the lower-level evolutionary subgame. We analytically prove that the evolutionary equilibrium is unique and stable. Moreover, we provide a series of insightful analytical and numerical results on the equilibrium of the dynamic Stackelberg game. |
| DOI | 10.1109/CloudNet.2018.8549403 |
| Citation Key | feng_evolving_2018 |
Evolving Risk Management Against Advanced Persistent Threats in Fog Computing