Cyber Threat Screening Using a Queuing-Based Game-Theoretic Approach
Dynamic and uncertain security environments, such as cyber systems, often involve strategic interactions among multiple decision-making agents. In this paper, we consider a cybersecurity setting where a system administrator (defender) has to screen malicious service requests of an attacker who seeks to exhaust available cyber resources and inconvenience users with normal requests. We propose a novel cyber-threat inspection model, based on Stackelberg games, that unies aspects of Threat Security Games with the Erlang-B queuing framework to provide equilibrium strategies for both the attacker and defender. In our proposed model, the defender seeks to determine the optimal number of inspection nodes required to maximize detection probability of malicious requests, while the attacker maximizes the probability of legitimate requests dropping out of the system. We derive analytical expressions of the equilibrium solutions of the proposed Stackelberg game under realistic assumptions on system observability and payoff structure of the players. A numerical case study is presented, and steps for further research are identified.
- Research Organization:
- Pacific Northwest National Lab. (PNNL), Richland, WA (United States)
- Sponsoring Organization:
- USDOE
- DOE Contract Number:
- AC05-76RL01830
- OSTI ID:
- 1595269
- Report Number(s):
- PNNL-SA-145431
- Journal Information:
- Journal of Information Warfare, Vol. 18, Issue 4 (Special Edition)
- Country of Publication:
- United States
- Language:
- English
Similar Records
Support for Reactor Operators in Case of Cyber-Security Threats (NEUP Final Report)
A Game-Theoretic Approach to Modeling Attacks and Defenses of Smart Grids at Three Levels