Proactive Defense Against Physical Denial of Service Attacks Using Poisson Signaling Games

Jeffrey Pawlick, Quanyan Zhu

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

While the Internet of things (IoT) promises to improve areas such as energy efficiency, health care, and transportation, it is highly vulnerable to cyberattacks. In particular, distributed denial-of-service (DDoS) attacks overload the bandwidth of a server. But many IoT devices form part of cyber-physical systems (CPS). Therefore, they can be used to launch “physical” denial-of-service attacks (PDoS) in which IoT devices overflow the “physical bandwidth” of a CPS. In this paper, we quantify the population-based risk to a group of IoT devices targeted by malware for a PDoS attack. In order to model the recruitment of bots, we develop a “Poisson signaling game,” a signaling game with an unknown number of receivers, which have varying abilities to detect deception. Then we use a version of this game to analyze two mechanisms (legal and economic) to deter botnet recruitment. Equilibrium results indicate that (1) defenders can bound botnet activity, and (2) legislating a minimum level of security has only a limited effect, while incentivizing active defense can decrease botnet activity arbitrarily. This work provides a quantitative foundation for proactive PDoS defense.

Original languageEnglish (US)
Title of host publicationDecision and Game Theory for Security - 8th International Conference, GameSec 2017, Proceedings
PublisherSpringer Verlag
Pages336-356
Number of pages21
Volume10575 LNCS
ISBN (Print)9783319687100
DOIs
StatePublished - 2017
Event8th International Conference on Decision and Game Theory for Security, GameSec 2017 - Vienna, Austria
Duration: Oct 23 2017Oct 25 2017

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume10575 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Other

Other8th International Conference on Decision and Game Theory for Security, GameSec 2017
CountryAustria
CityVienna
Period10/23/1710/25/17

Fingerprint

Denial of Service
Internet of Things
Siméon Denis Poisson
Attack
Game
Bandwidth
Deception
Health care
Malware
Overflow
Energy efficiency
Overload
Energy Efficiency
Servers
Healthcare
Quantify
Receiver
Server
Economics
Internet of things

ASJC Scopus subject areas

  • Theoretical Computer Science
  • Computer Science(all)

Cite this

Pawlick, J., & Zhu, Q. (2017). Proactive Defense Against Physical Denial of Service Attacks Using Poisson Signaling Games. In Decision and Game Theory for Security - 8th International Conference, GameSec 2017, Proceedings (Vol. 10575 LNCS, pp. 336-356). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 10575 LNCS). Springer Verlag. https://doi.org/10.1007/978-3-319-68711-7_18

Proactive Defense Against Physical Denial of Service Attacks Using Poisson Signaling Games. / Pawlick, Jeffrey; Zhu, Quanyan.

Decision and Game Theory for Security - 8th International Conference, GameSec 2017, Proceedings. Vol. 10575 LNCS Springer Verlag, 2017. p. 336-356 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 10575 LNCS).

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Pawlick, J & Zhu, Q 2017, Proactive Defense Against Physical Denial of Service Attacks Using Poisson Signaling Games. in Decision and Game Theory for Security - 8th International Conference, GameSec 2017, Proceedings. vol. 10575 LNCS, Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 10575 LNCS, Springer Verlag, pp. 336-356, 8th International Conference on Decision and Game Theory for Security, GameSec 2017, Vienna, Austria, 10/23/17. https://doi.org/10.1007/978-3-319-68711-7_18
Pawlick J, Zhu Q. Proactive Defense Against Physical Denial of Service Attacks Using Poisson Signaling Games. In Decision and Game Theory for Security - 8th International Conference, GameSec 2017, Proceedings. Vol. 10575 LNCS. Springer Verlag. 2017. p. 336-356. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)). https://doi.org/10.1007/978-3-319-68711-7_18
Pawlick, Jeffrey ; Zhu, Quanyan. / Proactive Defense Against Physical Denial of Service Attacks Using Poisson Signaling Games. Decision and Game Theory for Security - 8th International Conference, GameSec 2017, Proceedings. Vol. 10575 LNCS Springer Verlag, 2017. pp. 336-356 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).
@inproceedings{4dff27b4971a443fa49868518307a784,
title = "Proactive Defense Against Physical Denial of Service Attacks Using Poisson Signaling Games",
abstract = "While the Internet of things (IoT) promises to improve areas such as energy efficiency, health care, and transportation, it is highly vulnerable to cyberattacks. In particular, distributed denial-of-service (DDoS) attacks overload the bandwidth of a server. But many IoT devices form part of cyber-physical systems (CPS). Therefore, they can be used to launch “physical” denial-of-service attacks (PDoS) in which IoT devices overflow the “physical bandwidth” of a CPS. In this paper, we quantify the population-based risk to a group of IoT devices targeted by malware for a PDoS attack. In order to model the recruitment of bots, we develop a “Poisson signaling game,” a signaling game with an unknown number of receivers, which have varying abilities to detect deception. Then we use a version of this game to analyze two mechanisms (legal and economic) to deter botnet recruitment. Equilibrium results indicate that (1) defenders can bound botnet activity, and (2) legislating a minimum level of security has only a limited effect, while incentivizing active defense can decrease botnet activity arbitrarily. This work provides a quantitative foundation for proactive PDoS defense.",
author = "Jeffrey Pawlick and Quanyan Zhu",
year = "2017",
doi = "10.1007/978-3-319-68711-7_18",
language = "English (US)",
isbn = "9783319687100",
volume = "10575 LNCS",
series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",
publisher = "Springer Verlag",
pages = "336--356",
booktitle = "Decision and Game Theory for Security - 8th International Conference, GameSec 2017, Proceedings",
address = "Germany",

}

TY - GEN

T1 - Proactive Defense Against Physical Denial of Service Attacks Using Poisson Signaling Games

AU - Pawlick, Jeffrey

AU - Zhu, Quanyan

PY - 2017

Y1 - 2017

N2 - While the Internet of things (IoT) promises to improve areas such as energy efficiency, health care, and transportation, it is highly vulnerable to cyberattacks. In particular, distributed denial-of-service (DDoS) attacks overload the bandwidth of a server. But many IoT devices form part of cyber-physical systems (CPS). Therefore, they can be used to launch “physical” denial-of-service attacks (PDoS) in which IoT devices overflow the “physical bandwidth” of a CPS. In this paper, we quantify the population-based risk to a group of IoT devices targeted by malware for a PDoS attack. In order to model the recruitment of bots, we develop a “Poisson signaling game,” a signaling game with an unknown number of receivers, which have varying abilities to detect deception. Then we use a version of this game to analyze two mechanisms (legal and economic) to deter botnet recruitment. Equilibrium results indicate that (1) defenders can bound botnet activity, and (2) legislating a minimum level of security has only a limited effect, while incentivizing active defense can decrease botnet activity arbitrarily. This work provides a quantitative foundation for proactive PDoS defense.

AB - While the Internet of things (IoT) promises to improve areas such as energy efficiency, health care, and transportation, it is highly vulnerable to cyberattacks. In particular, distributed denial-of-service (DDoS) attacks overload the bandwidth of a server. But many IoT devices form part of cyber-physical systems (CPS). Therefore, they can be used to launch “physical” denial-of-service attacks (PDoS) in which IoT devices overflow the “physical bandwidth” of a CPS. In this paper, we quantify the population-based risk to a group of IoT devices targeted by malware for a PDoS attack. In order to model the recruitment of bots, we develop a “Poisson signaling game,” a signaling game with an unknown number of receivers, which have varying abilities to detect deception. Then we use a version of this game to analyze two mechanisms (legal and economic) to deter botnet recruitment. Equilibrium results indicate that (1) defenders can bound botnet activity, and (2) legislating a minimum level of security has only a limited effect, while incentivizing active defense can decrease botnet activity arbitrarily. This work provides a quantitative foundation for proactive PDoS defense.

UR - http://www.scopus.com/inward/record.url?scp=85032860002&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85032860002&partnerID=8YFLogxK

U2 - 10.1007/978-3-319-68711-7_18

DO - 10.1007/978-3-319-68711-7_18

M3 - Conference contribution

AN - SCOPUS:85032860002

SN - 9783319687100

VL - 10575 LNCS

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 336

EP - 356

BT - Decision and Game Theory for Security - 8th International Conference, GameSec 2017, Proceedings

PB - Springer Verlag

ER -