Securing infrastructure facilities: when does proactive defense help?
From MaRDI portal
Publication:2292114
Abstract: Infrastructure systems are increasingly facing new security threats due to the vulnerabilities of cyber-physical components that support their operation. In this article, we investigate how the infrastructure operator (defender) should prioritize the investment in securing a set of facilities in order to reduce the impact of a strategic adversary (attacker) who can target a facility to increase the overall usage cost of the system. We adopt a game-theoretic approach to model the defender-attacker interaction and study two models: normal-form game -- where both players move simultaneously; and sequential game -- where attacker moves after observing the defender's strategy. For each model, we provide a complete characterization of how the set of facilities that are secured by the defender in equilibrium vary with the costs of attack and defense. Importantly, our analysis provides a sharp condition relating the cost parameters for which the defender has the first mover advantage. Specifically, we show that to fully deter the attacker from targeting any facility, the defender needs to proactively secure all "vulnerable facilities" at an appropriate level of effort. We illustrate the outcome of the attacker-defender interaction on a simple transportation network. We also suggest a dynamic learning setup to understand how this outcome can affect the ability of imperfectly informed users to make their decisions about using the system in the post-attack stage.
Recommendations
Cites work
- scientific article; zbMATH DE number 706270 (Why is no real title available?)
- scientific article; zbMATH DE number 232878 (Why is no real title available?)
- scientific article; zbMATH DE number 3069635 (Why is no real title available?)
- A payoff-based learning procedure and its application to traffic games
- Attack, Defence, and Contagion in Networks
- Attacker–defender models and road network vulnerability
- Commitment and observability in games
- Consistency and cautious fictitious play
- Correlated equilibria in some classes of two-person games
- Cyberphysical Security in Networked Control Systems: An Introduction to the Issue
- Game theory meets network security and privacy
- How do you defend a network?
- Learning in extensive-form games. I: Self-confirming equilibria
- Markov perfect equilibrium. I: Observable actions
- Network design and defence
- Network security and contagion
- Network security. A decision and game-theoretic approach.
- On the Global Convergence of Stochastic Fictitious Play
- On the convergence of reinforcement learning
- Potential games with continuous player sets
- Rational Learning Leads to Nash Equilibrium
- Routing without regret, on convergence to Nash equilibria of regret-minimizing algorithms in routing games
- Security of interdependent and identical networked control systems
- Subjective Equilibrium in Repeated Games
- Two-Person Zero-Sum Games for Network Interdiction
Cited in
(6)- Protecting complex infrastructures against multiple strategic attackers
- Upper and lower values in zero-sum stochastic games with asymmetric information
- Critical infrastructure protection using secrecy -- a discrete simultaneous game
- Role of intelligence inputs in defending against cyber warfare and cyberterrorism
- A large-scale Markov game approach to dynamic protection of interdependent infrastructure networks
- Two-stage invest-defend game: balancing strategic and operational decisions
This page was built for publication: Securing infrastructure facilities: when does proactive defense help?
Report a bug (only for logged in users!)Click here to report a bug for this page (MaRDI item Q2292114)
