Stackelberg-Game-Based Defense Analysis Against Advanced Persistent Threats on Cloud Control System

• Published in: IEEE transactions on industrial informatics Vol. 16; no. 3; pp. 1571 - 1580
• Main Authors: Yuan, Huanhuan, Xia, Yuanqing, Zhang, Jinhui, Yang, Hongjiu, Mahmoud, Magdi S.
• Format: Journal Article
• Language: English
• Published: Piscataway IEEE 01.03.2020; The Institute of Electrical and Electronics Engineers, Inc. (IEEE)
• Subjects: Advanced persistent threats (APTs); Cloud computing; cloud control system (CCS); Computer simulation; Constraint modelling; Control systems; Game theory; Games; Informatics; Quality of service; Security; security as a service; Stackelberg game; Task analysis; Threat evaluation
• ISSN: 1551-3203; 1941-0050
• DOI: 10.1109/TII.2019.2925035

In this paper, the security problem for a cloud control system (CCS) is studied. In the CCS, so-called advanced persistent threats (APTs) can be launched by a malicious attacker to reduce the quality of service of cloud and deteriorate the system performance further. To defend against APTs and create a security as a service scheme, a defender needs to allocate defense resource to different units serving to different plants for improving the overall system performance when the CCS accommodates multiple physical plants simultaneously. After observing the defender's action, the attacker decides which serve units to comprise. Considering that both defender and attacker are subject to resource constraints, the interaction of two sides is modeled by a Stackelberg game. The optimal solutions for two players under different types of budget constraints are investigated. Simulation examples and comparison results are provided to verify the main results of this paper.