A Game-Theoretical Self-Adaptation Framework for Securing Software-Intensive Systems
release_7vhrtvbd6jbfvhracubumdu7c4
by
Mingyue Zhang, Nianyu Li, Sridhar Adepu, Eunsuk Kang, Zhi Jin
2021
Abstract
The increasing prevalence of security attacks on software-intensive systems
calls for new, effective methods for detecting and responding to these attacks.
As one promising approach, game theory provides analytical tools for modeling
the interaction between the system and the adversarial environment and
designing reliable defense. In this paper, we propose an approach for securing
software-intensive systems using a rigorous game-theoretical framework. First,
a self-adaptation framework is deployed on a component-based software intensive
system, which periodically monitors the system for anomalous behaviors. A
learning-based method is proposed to detect possible on-going attacks on the
system components and predict potential threats to components. Then, an
algorithm is designed to automatically build a Bayesian game based on
the system architecture (of which some components might have been compromised)
once an attack is detected, in which the system components are modeled as
independent players in the game. Finally, an optimal defensive policy is
computed by solving the Bayesian game to achieve the best system utility, which
amounts to minimizing the impact of the attack. We conduct two sets of
experiments on two general benchmark tasks for security domain. Moreover, we
systematically present a case study on a real-world water treatment testbed,
i.e. the Secure Water Treatment System. Experiment results show the
applicability and the effectiveness of our approach.
In text/plain
format
Archived Files and Locations
application/pdf 5.4 MB
file_zw5we6l345gydhmzwl3orcfbam
|
arxiv.org (repository) web.archive.org (webarchive) |
2112.07588v1
access all versions, variants, and formats of this works (eg, pre-prints)