iSTRICT: An Interdependent Strategic Trust Mechanism for the Cloud-Enabled Internet of Controlled Things

Jeffrey Pawlick, Juntao Chen, Quanyan Zhu

Research output: Contribution to journalArticle

Abstract

The cloud-enabled Internet of controlled things (IoCT) envisions a network of sensors, controllers, and actuators connected through a local cloud in order to intelligently control physical devices. Because cloud services are vulnerable to advanced persistent threats (APTs), each device in the IoCT must strategically decide whether to trust cloud services that may be compromised. In this paper, we present iSTRICT, an interdependent strategic trust mechanism for the cloud-enabled IoCT. iSTRICT is composed of three interdependent layers. In the cloud layer, iSTRICT uses FlipIt games to conceptualize APTs. In the communication layer, it captures the interaction between devices and the cloud using signaling games. In the physical layer, iSTRICT uses optimal control to quantify the utilities in the higher level games. Best response dynamics link the three layers in an overall “game-of-games,” for which the outcome is captured by a concept called Gestalt Nash equilibrium (GNE).We prove the existence of a GNE under a set of natural assumptions and develop an adaptive algorithm to iteratively compute the equilibrium. Finally, we apply iSTRICT to trust management for autonomous vehicles that rely on measurements from remote sources. We show that strategic trust in the communication layer achieves a worst-case probability of compromise for any attack and defense costs in the cyber layer.

Original languageEnglish (US)
JournalIEEE Transactions on Information Forensics and Security
DOIs
StateAccepted/In press - Jan 1 2018

Fingerprint

Internet
Communication
Adaptive algorithms
Dynamic response
Actuators
Controllers
Sensors
Costs

Keywords

  • advanced persistent threats
  • Autonomous vehicles
  • autonomous vehicles
  • Cascading style sheets
  • Cloud computing
  • cyber-physical systems
  • cybersecurity
  • game-of-games
  • Games
  • Intelligent sensors
  • Internet of controlled things
  • Physical layer
  • strategic trust

ASJC Scopus subject areas

  • Safety, Risk, Reliability and Quality
  • Computer Networks and Communications

Cite this

@article{bdf01525189b4cba927f0710497bc6a3,
title = "iSTRICT: An Interdependent Strategic Trust Mechanism for the Cloud-Enabled Internet of Controlled Things",
abstract = "The cloud-enabled Internet of controlled things (IoCT) envisions a network of sensors, controllers, and actuators connected through a local cloud in order to intelligently control physical devices. Because cloud services are vulnerable to advanced persistent threats (APTs), each device in the IoCT must strategically decide whether to trust cloud services that may be compromised. In this paper, we present iSTRICT, an interdependent strategic trust mechanism for the cloud-enabled IoCT. iSTRICT is composed of three interdependent layers. In the cloud layer, iSTRICT uses FlipIt games to conceptualize APTs. In the communication layer, it captures the interaction between devices and the cloud using signaling games. In the physical layer, iSTRICT uses optimal control to quantify the utilities in the higher level games. Best response dynamics link the three layers in an overall “game-of-games,” for which the outcome is captured by a concept called Gestalt Nash equilibrium (GNE).We prove the existence of a GNE under a set of natural assumptions and develop an adaptive algorithm to iteratively compute the equilibrium. Finally, we apply iSTRICT to trust management for autonomous vehicles that rely on measurements from remote sources. We show that strategic trust in the communication layer achieves a worst-case probability of compromise for any attack and defense costs in the cyber layer.",
keywords = "advanced persistent threats, Autonomous vehicles, autonomous vehicles, Cascading style sheets, Cloud computing, cyber-physical systems, cybersecurity, game-of-games, Games, Intelligent sensors, Internet of controlled things, Physical layer, strategic trust",
author = "Jeffrey Pawlick and Juntao Chen and Quanyan Zhu",
year = "2018",
month = "1",
day = "1",
doi = "10.1109/TIFS.2018.2883272",
language = "English (US)",
journal = "IEEE Transactions on Information Forensics and Security",
issn = "1556-6013",
publisher = "Institute of Electrical and Electronics Engineers Inc.",

}

TY - JOUR

T1 - iSTRICT

T2 - An Interdependent Strategic Trust Mechanism for the Cloud-Enabled Internet of Controlled Things

AU - Pawlick, Jeffrey

AU - Chen, Juntao

AU - Zhu, Quanyan

PY - 2018/1/1

Y1 - 2018/1/1

N2 - The cloud-enabled Internet of controlled things (IoCT) envisions a network of sensors, controllers, and actuators connected through a local cloud in order to intelligently control physical devices. Because cloud services are vulnerable to advanced persistent threats (APTs), each device in the IoCT must strategically decide whether to trust cloud services that may be compromised. In this paper, we present iSTRICT, an interdependent strategic trust mechanism for the cloud-enabled IoCT. iSTRICT is composed of three interdependent layers. In the cloud layer, iSTRICT uses FlipIt games to conceptualize APTs. In the communication layer, it captures the interaction between devices and the cloud using signaling games. In the physical layer, iSTRICT uses optimal control to quantify the utilities in the higher level games. Best response dynamics link the three layers in an overall “game-of-games,” for which the outcome is captured by a concept called Gestalt Nash equilibrium (GNE).We prove the existence of a GNE under a set of natural assumptions and develop an adaptive algorithm to iteratively compute the equilibrium. Finally, we apply iSTRICT to trust management for autonomous vehicles that rely on measurements from remote sources. We show that strategic trust in the communication layer achieves a worst-case probability of compromise for any attack and defense costs in the cyber layer.

AB - The cloud-enabled Internet of controlled things (IoCT) envisions a network of sensors, controllers, and actuators connected through a local cloud in order to intelligently control physical devices. Because cloud services are vulnerable to advanced persistent threats (APTs), each device in the IoCT must strategically decide whether to trust cloud services that may be compromised. In this paper, we present iSTRICT, an interdependent strategic trust mechanism for the cloud-enabled IoCT. iSTRICT is composed of three interdependent layers. In the cloud layer, iSTRICT uses FlipIt games to conceptualize APTs. In the communication layer, it captures the interaction between devices and the cloud using signaling games. In the physical layer, iSTRICT uses optimal control to quantify the utilities in the higher level games. Best response dynamics link the three layers in an overall “game-of-games,” for which the outcome is captured by a concept called Gestalt Nash equilibrium (GNE).We prove the existence of a GNE under a set of natural assumptions and develop an adaptive algorithm to iteratively compute the equilibrium. Finally, we apply iSTRICT to trust management for autonomous vehicles that rely on measurements from remote sources. We show that strategic trust in the communication layer achieves a worst-case probability of compromise for any attack and defense costs in the cyber layer.

KW - advanced persistent threats

KW - Autonomous vehicles

KW - autonomous vehicles

KW - Cascading style sheets

KW - Cloud computing

KW - cyber-physical systems

KW - cybersecurity

KW - game-of-games

KW - Games

KW - Intelligent sensors

KW - Internet of controlled things

KW - Physical layer

KW - strategic trust

UR - http://www.scopus.com/inward/record.url?scp=85057412054&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85057412054&partnerID=8YFLogxK

U2 - 10.1109/TIFS.2018.2883272

DO - 10.1109/TIFS.2018.2883272

M3 - Article

AN - SCOPUS:85057412054

JO - IEEE Transactions on Information Forensics and Security

JF - IEEE Transactions on Information Forensics and Security

SN - 1556-6013

ER -