Cybersecurity resource allocation for connected and autonomous vehicles using Bayesian games

Connected and autonomous vehicles (CAVs) are the key elements of intelligent transportation systems (ITS). Although CAVs promise higher efficiency, safety and user satisfaction, they are highly susceptible to cyber-attacks. This necessitates balanced resource allocation to ensure the cybersecurity of CAVs. This article proposes a Bayesian game-theoretic model for cybersecurity resource allocation of CAVs in a multi-target multi-attacker situation, considering the uncertainties due to different categories of threat agents with varying capabilities. We have developed this model from the perspective of the ITS administrator, who aims to minimize the total expected loss due to cyber-attacks. We have derived the conditions for Bayesian Nash Equilibrium using Karush-Kuhn-Tucker conditions for sequential and simultaneous move games. We have developed heuristic methods to obtain approximate solutions for these formulations. A numerical illustration of the proposed method is presented with five attacker categories targeting six types of vehicles of varying valuations. Our results indicate that the simultaneous and sequential games provide similar expected loss for the defender. Different attacker strategies are evaluated to study the robustness of the solutions, and the factorial analysis is used to assess the impact of various attack scenarios. This research offers valuable insights for traffic administrators, vehicle manufacturers, and cybersecurity practitioners.