IoDM: A Study on a IoT-Based Organizational Deception Modeling with Adaptive General-Sum Game Competition

Seo, Sang; Kim, Do-Hoon

doi:10.3390/electronics11101623

Cited by 3 publications

(6 citation statements)

References 68 publications

(94 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In addition, the formal feedback flow of the mutation scheme was also normalized to suit the drone-type MTD designed to meet the continuity and compatibility of tactical drones operated on the battlefield. [38] Wired/mixed net Game X X Hong et al [41,42] Wired/mixed net Graph & metric O X Zhou et al [43] Wired net Game & tree X X Rahim et al [44] Wired net Formalism X X Ballot et al [18] Wired net Formalism Seo et al [50] Wireless This study extended the scope of adaptation of mutation principles as 'what-to-move,' 'when-tomove,' 'how-to-move' and the scope of a configuration of the MTD mechanisms selected to provide high attenuation of the spatial-temporal asymmetry of attacker dominance over the potential attack surface of mission-critical systems that must be highly secure and safe to unmanned wireless embedded maneuvering platforms such as tactical drones. Based on a Pareto solver that considers both cyberagility and resilience, to reason and prove the adaptive deception performance of the proposed dronetype MTD based on a formal method, this study integrated and performed a structural specification based on diversified decision trees according to PTMDP-based formalism, and verification based on zero-sum games and model checking.…”

Section: Summary Of Experimental Results and Comparisonmentioning

confidence: 99%

“…In a related followup study, Li et al [16] further amplified the hydraulic properties of the spatial-temporal attack surface that changed with MTD mutation by formalizing the Markov Stackelberg model optimized based on the average-cost semi-Markov decision process and discrete-time Markov decision process. Finally, Seo et al [38] added an adaptive cognitive disturbance scheme to the existing MTD and constructed a deceptive game considering the continuous operability of the organization by combining this with a layered social engineering decoy. Also, in this work, a general sum game-based testbed was proposed to improve the proactive defense of the IoT-based sub-farm network cluster further.…”

Section: Stackelberg Game Theoretic Literaturementioning

confidence: 99%

See 1 more Smart Citation

MF2-DMTD: A Formalism and Game-Based Reasoning Framework for Optimized Drone-Type Moving Target Defense

Seo,

Lee,

Kim

et al. 2023

CMC

View full text Add to dashboard Cite

Moving-target-defense (MTD) fundamentally avoids an illegal initial compromise by asymmetrically increasing the uncertainty as the attack surface of the observable defender changes depending on spatial-temporal mutations. However, the existing naive MTD studies were conducted focusing only on wired network mutations. And these cases have also been no formal research on wireless aircraft domains with attributes that are extremely unfavorable to embedded system operations, such as hostility, mobility, and dependency. Therefore, to solve these conceptual limitations, this study proposes normalized drone-type MTD that maximizes defender superiority by mutating the unique fingerprints of wireless drones and that optimizes the period-based mutation principle to adaptively secure the sustainability of drone operations. In addition, this study also specifies MF2-DMTD (model-checkingbased formal framework for drone-type MTD), a formal framework that adopts model-checking and zero-sum game, for attack-defense simulation and performance evaluation of drone-type MTD. Subsequently, by applying the proposed models, the optimization of deceptive defense performance of drone-type MTD for each mutation period also additionally achieves through mixed-integer quadratic constrained programming (MIQCP) and multiobjective optimization-based Pareto frontier. As a result, the optimal mutation cycles in drone-type MTD were derived as (65, 120, 85) for each control-mobility, telecommunication, and payload component configured inside the drone. And the optimal MTD cycles for each swarming cluster, ground control station (GCS), and zone service provider (ZSP) deployed outside the drone were also additionally calculated as (70, 60, 85), respectively. To the best of these authors' knowledge, this study is the first to calculate the deceptive efficiency and functional continuity of the MTD against drones and to normalize the trade-off according to a sensitivity analysis with the optimum.

show abstract

Section: Summary Of Experimental Results and Comparisonmentioning

confidence: 99%

Section: Stackelberg Game Theoretic Literaturementioning

confidence: 99%

MF2-DMTD: A Formalism and Game-Based Reasoning Framework for Optimized Drone-Type Moving Target Defense

Seo,

Lee,

Kim

et al. 2023

CMC

View full text Add to dashboard Cite

show abstract

“…Seo et al [44], [45] added a dynamic cognitive disturbance function that the existing MTD concept was not contain, and combined it with layered social engineering decoy as an organizational open-source intelligence (OSINT) element, thereby strategizing a defensive deception process discretely optimized for real operational goals. In a follow-up study [46], IoT-based organizational deception modeling (IoDM), which represents a partial general-sum-based lightweight deception modeling designed to protect Internet-of-Things (IoT)-based organizational networks built by domain, was presented.…”

Section: Bayesian Stackelberg Game Theoretic Mtdmentioning

confidence: 99%

“…In addition, they did not adaptively optimize the MTD strategies to fit the unique characteristics of the target network or organizational environment, or consider hierarchical state-transition couplings with other deception elements in detail. Seo et al [44], [45], [46] attempted to mitigate these limitations by additionally selecting the unique organizational OSINT elements as the primary mutation set groups of MTD while constructing a virtualized sandbox container-based social engineering decoy, thereby formalizing the game logic framework combined with the MTD sequence.…”

Section: E Comparative Analysis By Previous Studies For Proposed Modelmentioning

confidence: 99%

D3GF: A Study on Optimal Defense Performance Evaluation of Drone-Type Moving Target Defense Through Game Theory

Seo¹,

Moon²,

Lee³

et al. 2023

IEEE Access

Self Cite

View full text Add to dashboard Cite

Based on the paradigm shift in modern warfare, ground forces conduct pilot operations of wireless unmanned maneuvering systems, such as tactical drones, in the form of manned and unmanned cooperative tactics after deploying the relevant systems in the battlefield. However, security considerations for relevant systems are limited to the scope of using only the existing end-to-end encryption and public key authentication modules, and no defense strategy to actively respond to specialized cyber-electronic warfare threats has been officially established. To drastically reduce both the potential attack surface and security vulnerabilities of drones employed in network-centric-warfare, a proactive defense technology that expires the effectiveness of attacks by avoiding invasive action at the target is expected to be essential. Accordingly, this paper proposes the concept of active moving-target-defense (MTD), an element of cyber deception that minimizes the rate of success of cyber-attacks while conversely maximizing both defense predominance and attack complexity asymmetrically, exclusive according to partially observable Markov decision process (POMDP)-based threat modeling that considers both the internal and external operation sequences of target drones. To optimally design the proposed drone-type MTD based on the Pareto frontier, we additionally advanced and simulated a drone-based defensive deception game framework (D3GF), which represents a general-sum combat framework reflecting decision logics such as the perfect Bayesian Nash equilibrium, stochastic Stackelberg, and partial signal game. This study was conducted to compare and calculate the efficiencies of the drone-type MTD's deceptive defense, which had not been considered in prior studies, by unique environmental features inside and outside the drone. Furthermore, we conducted a detailed performance evaluation considering game metrics based on sensitivity analysis. Hereafter, the drone-type MTD will be extended into an actual active drone protection technology combining cyber flare-type avoidance strategies and cyber camouflage-type disarrangement strategies by expanding its optimization domain as a hypergame, while integrating it with drone decoy elements.

show abstract

“…One possible feature involved in building an IoT infrastructure is an IoT system of groups of identical or similar technical characteristic devices. If a specified device has a vulnerability, such homogeneity multiplies its impact [3][4][5].…”

Section: Introduction 1motivationmentioning

confidence: 99%

IoT Multi-Vector Cyberattack Detection Based on Machine Learning Algorithms: Traffic Features Analysis, Experiments, and Efficiency

et al. 2022

View full text Add to dashboard Cite

Cybersecurity is a common Internet of Things security challenge. The lack of security in IoT devices has led to a great number of devices being compromised, with threats from both inside and outside the IoT infrastructure. Attacks on the IoT infrastructure result in device hacking, data theft, financial loss, instability, or even physical damage to devices. This requires the development of new approaches to ensure high-security levels in IoT infrastructure. To solve this problem, we propose a new approach for IoT cyberattack detection based on machine learning algorithms. The core of the method involves network traffic analyses that IoT devices generate during communication. The proposed approach deals with the set of network traffic features that may indicate the presence of cyberattacks in the IoT infrastructure and compromised IoT devices. Based on the obtained features for each IoT device, the feature vectors are formed. To conclude the possible attack presence, machine learning algorithms were employed. We assessed the complexity and time of machine learning algorithm implementation considering multi-vector cyberattacks on IoT infrastructure. Experiments were conducted to approve the method’s efficiency. The results demonstrated that the network traffic feature-based approach allows the detection of multi-vector cyberattacks with high efficiency.

show abstract

IoDM: A Study on a IoT-Based Organizational Deception Modeling with Adaptive General-Sum Game Competition

Cited by 3 publications

References 68 publications

MF2-DMTD: A Formalism and Game-Based Reasoning Framework for Optimized Drone-Type Moving Target Defense

MF2-DMTD: A Formalism and Game-Based Reasoning Framework for Optimized Drone-Type Moving Target Defense

D3GF: A Study on Optimal Defense Performance Evaluation of Drone-Type Moving Target Defense Through Game Theory

IoT Multi-Vector Cyberattack Detection Based on Machine Learning Algorithms: Traffic Features Analysis, Experiments, and Efficiency

Contact Info

Product

Resources

About