IDEAS home Printed from https://ideas.repec.org/a/spr/annopr/v294y2020i1d10.1007_s10479-019-03381-1.html
   My bibliography  Save this article

Discrete game-theoretic analysis of defense in correlated cyber-physical systems

Author

Listed:
  • Fei He

    (Texas A&M University-Kingsville)

  • Jun Zhuang

    (University at Buffalo, The State University of New York)

  • Nageswara S. V. Rao

    (Oak Ridge National Laboratory)

Abstract

A cyber-physical system (CPS) is composed of a discrete number of cyber and physical components and subject to internal failures and external disruptions. The functionality of CPS therefore is determined not only by cyber and physical components but the adversary’s attacker strategy. We characterize the effect of cyber-physical interdependency on the CPS survival probability using a product-form function with cyber and physical exponential correlation coefficients. We model simultaneous and sequential discrete games between the provider and attacker on a CPS infrastructure to analyze its survivability and reinforcement strategy at Nash equilibrium. Our results show that the cyber and physical correlation coefficients can significantly affect CPS survival probability. In general, the provider’s cyber- (or physical-) reinforcement level increases as the cyber- (or physical-) attack level increases. In each of cyber and physical domains, the reinforcement level first increases then decreases in its own correlation coefficient, probability of successful component attacks, and maximum level of available resources, but decreases in the correlation coefficient of the other domain. We apply this game-theoretic analysis to a cloud computing infrastructure, and show that its residual capacity is relatively high when the attacker has no information about the distribution of servers. Also, a high level of survival probability does not necessarily lead to high utility.

Suggested Citation

  • Fei He & Jun Zhuang & Nageswara S. V. Rao, 2020. "Discrete game-theoretic analysis of defense in correlated cyber-physical systems," Annals of Operations Research, Springer, vol. 294(1), pages 741-767, November.
  • Handle: RePEc:spr:annopr:v:294:y:2020:i:1:d:10.1007_s10479-019-03381-1
    DOI: 10.1007/s10479-019-03381-1
    as

    Download full text from publisher

    File URL: http://link.springer.com/10.1007/s10479-019-03381-1
    File Function: Abstract
    Download Restriction: Access to the full text of the articles in this series is restricted.

    File URL: https://libkey.io/10.1007/s10479-019-03381-1?utm_source=ideas
    LibKey link: if access is restricted and if your library uses this service, LibKey will redirect you to where you can use your library subscription to access this item
    ---><---

    As the access to this document is restricted, you may want to search for a different version of it.

    References listed on IDEAS

    as
    1. Golany, Boaz & Kaplan, Edward H. & Marmur, Abraham & Rothblum, Uriel G., 2009. "Nature plays with dice - terrorists do not: Allocating resources to counter strategic versus probabilistic risks," European Journal of Operational Research, Elsevier, vol. 192(1), pages 198-208, January.
    2. Zhuang, Jun & Bier, Vicki M. & Alagoz, Oguzhan, 2010. "Modeling secrecy and deception in a multiple-period attacker-defender signaling game," European Journal of Operational Research, Elsevier, vol. 203(2), pages 409-418, June.
    3. Levitin, Gregory & Hausken, Kjell, 2009. "False targets vs. redundancy in homogeneous parallel systems," Reliability Engineering and System Safety, Elsevier, vol. 94(2), pages 588-595.
    4. Jia Guo & Yuqi Han & Chuangxin Guo & Fengdan Lou & Yanbo Wang, 2017. "Modeling and Vulnerability Analysis of Cyber-Physical Power Systems Considering Network Topology and Power Flow Properties," Energies, MDPI, vol. 10(1), pages 1-21, January.
    5. Zhang, Chi & Ramirez-Marquez, José Emmanuel & Wang, Jianhui, 2015. "Critical infrastructure protection using secrecy – A discrete simultaneous game," European Journal of Operational Research, Elsevier, vol. 242(1), pages 212-221.
    6. Gerald Brown & Matthew Carlyle & Javier Salmerón & Kevin Wood, 2006. "Defending Critical Infrastructure," Interfaces, INFORMS, vol. 36(6), pages 530-544, December.
    7. Nageswara S. V. Rao & Chris Y. T. Ma & Fei He & David K. Y. Yau & Jun Zhuang, 2018. "Cyber–Physical Correlation Effects in Defense Games for Large Discrete Infrastructures," Games, MDPI, vol. 9(3), pages 1-24, July.
    8. Kjell Hausken & Jun Zhuang, 2011. "Governments' and Terrorists' Defense and Attack in a T -Period Game," Decision Analysis, INFORMS, vol. 8(1), pages 46-70, March.
    9. Liu, Xiaoxue & Zhang, Jiexin & Zhu, Peidong, 2017. "Modeling cyber-physical attacks based on probabilistic colored Petri nets and mixed-strategy game theory," International Journal of Critical Infrastructure Protection, Elsevier, vol. 16(C), pages 13-25.
    Full references (including those not matched with items on IDEAS)

    Citations

    Citations are extracted by the CitEc Project, subscribe to its RSS feed for this item.
    as


    Cited by:

    1. Susu Ni & Shuliang Zou & Jiahua Chen, 2022. "Evolutionary Game Model of Internal Threats to Nuclear Security in Spent Fuel Reprocessing Plants Based on RDEU Theory," Sustainability, MDPI, vol. 14(4), pages 1-16, February.
    2. Hunt, Kyle & Zhuang, Jun, 2024. "A review of attacker-defender games: Current state and paths forward," European Journal of Operational Research, Elsevier, vol. 313(2), pages 401-417.
    3. Dacorogna, Michel & Debbabi, Nehla & Kratz, Marie, 2023. "Building up cyber resilience by better grasping cyber risk via a new algorithm for modelling heavy-tailed data," European Journal of Operational Research, Elsevier, vol. 311(2), pages 708-729.

    Most related items

    These are the items that most often cite the same works as this one and are cited by the same works as this one.
    1. Jiang, J. & Liu, X., 2018. "Multi-objective Stackelberg game model for water supply networks against interdictions with incomplete information," European Journal of Operational Research, Elsevier, vol. 266(3), pages 920-933.
    2. Sushil Gupta & Martin K. Starr & Reza Zanjirani Farahani & Mahsa Mahboob Ghodsi, 2020. "Prevention of Terrorism–An Assessment of Prior POM Work and Future Potentials," Production and Operations Management, Production and Operations Management Society, vol. 29(7), pages 1789-1815, July.
    3. Nikoofal, Mohammad E. & Zhuang, Jun, 2015. "On the value of exposure and secrecy of defense system: First-mover advantage vs. robustness," European Journal of Operational Research, Elsevier, vol. 246(1), pages 320-330.
    4. Zhang, Chi & Ramirez-Marquez, José Emmanuel & Wang, Jianhui, 2015. "Critical infrastructure protection using secrecy – A discrete simultaneous game," European Journal of Operational Research, Elsevier, vol. 242(1), pages 212-221.
    5. Chi Zhang & Jose Ramirez-Marquez, 2013. "Protecting critical infrastructures against intentional attacks: a two-stage game with incomplete information," IISE Transactions, Taylor & Francis Journals, vol. 45(3), pages 244-258.
    6. Andrew Samuel & Seth D. Guikema, 2012. "Resource Allocation for Homeland Defense: Dealing with the Team Effect," Decision Analysis, INFORMS, vol. 9(3), pages 238-252, September.
    7. Haphuriwat, N. & Bier, V.M., 2011. "Trade-offs between target hardening and overarching protection," European Journal of Operational Research, Elsevier, vol. 213(1), pages 320-328, August.
    8. Xiaojun (Gene) Shan & Jun Zhuang, 2014. "Modeling Credible Retaliation Threats in Deterring the Smuggling of Nuclear Weapons Using Partial Inspection---A Three-Stage Game," Decision Analysis, INFORMS, vol. 11(1), pages 43-62, March.
    9. Mohammad E. Nikoofal & Mehmet Gümüs, 2015. "On the value of terrorist’s private information in a government’s defensive resource allocation problem," IISE Transactions, Taylor & Francis Journals, vol. 47(6), pages 533-555, June.
    10. Hunt, Kyle & Zhuang, Jun, 2024. "A review of attacker-defender games: Current state and paths forward," European Journal of Operational Research, Elsevier, vol. 313(2), pages 401-417.
    11. Shan, Xiaojun & Zhuang, Jun, 2018. "Modeling cumulative defensive resource allocation against a strategic attacker in a multi-period multi-target sequential game," Reliability Engineering and System Safety, Elsevier, vol. 179(C), pages 12-26.
    12. González-Ortega, Jorge & Ríos Insua, David & Cano, Javier, 2019. "Adversarial risk analysis for bi-agent influence diagrams: An algorithmic approach," European Journal of Operational Research, Elsevier, vol. 273(3), pages 1085-1096.
    13. Mohammad E. Nikoofal & Jun Zhuang, 2012. "Robust Allocation of a Defensive Budget Considering an Attacker's Private Information," Risk Analysis, John Wiley & Sons, vol. 32(5), pages 930-943, May.
    14. Zhang, Jing & Zhuang, Jun, 2019. "Modeling a multi-target attacker-defender game with multiple attack types," Reliability Engineering and System Safety, Elsevier, vol. 185(C), pages 465-475.
    15. David Simchi-Levi & Nikolaos Trichakis & Peter Yun Zhang, 2019. "Designing Response Supply Chain Against Bioattacks," Operations Research, INFORMS, vol. 67(5), pages 1246-1268, September.
    16. Kjell Hausken & Jun Zhuang, 2011. "Governments' and Terrorists' Defense and Attack in a T -Period Game," Decision Analysis, INFORMS, vol. 8(1), pages 46-70, March.
    17. Shan, Xiaojun & Zhuang, Jun, 2013. "Hybrid defensive resource allocations in the face of partially strategic attackers in a sequential defender–attacker game," European Journal of Operational Research, Elsevier, vol. 228(1), pages 262-272.
    18. Liang, Liang & Chen, Jingxian & Siqueira, Kevin, 2020. "Revenge or continued attack and defense in defender–attacker conflicts," European Journal of Operational Research, Elsevier, vol. 287(3), pages 1180-1190.
    19. Li, Yapeng & Qiao, Shun & Deng, Ye & Wu, Jun, 2019. "Stackelberg game in critical infrastructures from a network science perspective," Physica A: Statistical Mechanics and its Applications, Elsevier, vol. 521(C), pages 705-714.
    20. Song, Cen & Zhuang, Jun, 2017. "N-stage security screening strategies in the face of strategic applicants," Reliability Engineering and System Safety, Elsevier, vol. 165(C), pages 292-301.

    Corrections

    All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:spr:annopr:v:294:y:2020:i:1:d:10.1007_s10479-019-03381-1. See general information about how to correct material in RePEc.

    If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.

    If CitEc recognized a bibliographic reference but did not link an item in RePEc to it, you can help with this form .

    If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.

    For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: Sonal Shukla or Springer Nature Abstracting and Indexing (email available below). General contact details of provider: http://www.springer.com .

    Please note that corrections may take a couple of weeks to filter through the various RePEc services.

    IDEAS is a RePEc service. RePEc uses bibliographic data supplied by the respective publishers.