Game-Theory-Based Active Defense for Intrusion Detection in Cyber-Physical Embedded Systems

Published: 13 October 2016

Abstract

Cyber-Physical Embedded Systems (CPESs) are distributed embedded systems integrated with various actuators and sensors. For CPES security, the most significant problem is the security of Embedded Sensor Networks (ESNs). With the continuous growth of ESNs, the security of transferring data from sensors to their destinations has become an important research area. Due to limitations in power, storage, and processing capabilities, existing security mechanisms for wired or wireless networks cannot be applied directly to ESNs. Meanwhile, ESNs are likely to face different kinds of attacks in industrial scenarios. Therefore, there is a need to develop new techniques or modify the current security mechanisms to overcome these problems. In this article, we focus on Intrusion Detection (ID) techniques and propose a new attack-defense game model to detect malicious nodes using a repeated game approach. As a direct consequence of the game model, attackers and defenders adopt different strategies to achieve optimal payoffs. Importantly, error detection and missing detection are taken into consideration in Intrusion Detection Systems (IDSs), where a game tree model is introduced to solve this problem. In addition, we analyze and prove the existence of pure Nash equilibrium and mixed Nash equilibrium. Simulations show that the proposed model can both reduce energy consumption by up to 50% compared with the existing All Monitor (AM) model and improve the detection rate by up to 10% to 15% compared with the existing Cluster Head (CH) monitor model.

        • Published in

          ACM Transactions on Embedded Computing Systems  Volume 16, Issue 1
          Special Issue on VIPES, Special Issue on ICESS2015 and Regular Papers
          February 2017
          602 pages
          ISSN:1539-9087
          EISSN:1558-3465
          DOI:10.1145/3008024

          Copyright © 2016 ACM

          Publisher

          Association for Computing Machinery

          New York, NY, United States

          Publication History

          • Published: 13 October 2016
          • Revised: 1 January 2016
          • Accepted: 1 January 2016
          • Received: 1 October 2015

          Qualifiers

          • announcement
          • Research
          • Refereed
