Special Issue "Game Models for Cyber-Physical Infrastructures"

A special issue of Games (ISSN 2073-4336).

Deadline for manuscript submissions: closed (15 July 2018).

Special Issue Editors

Dr. Stefan Rass
E-Mail Website
Guest Editor
Institute of Applied Informatics, Universitaet Klagenfurt, Austria
Dr. Quanyan Zhu
E-Mail Website
Guest Editor
Department of Electrical and Computer Engineering, New York University, 2 Metrotech Center, Brooklyn, 11201, USA

Special Issue Information

Dear Colleagues,

Contemporary information technology infrastructures are becoming increasingly complex, interconnected and employ a strongly growing variety of different assets and (electronic) gadgets. This trend towards the Internet of things creates new challenges and opportunities on both sides, for the defender and the attacker, which are largely unexplored so far. The power of game theory to model complex interactions between entities with conflicting interests has long been recognized for security, but game theoretic approaches to the complex domain of advanced persistent threats are still rare. The special issue therefore calls for work on modeling and complex multi-stage attacks, that can involve cyber-attacks, physical intrusion, as well as combinations and variations thereof. Accurate models are, therefore, expectedly as heterogeneous, and combining different models to describe the complex circumstances that make infrastructures vulnerable is a demanding challenge.

The Special Issue is also open to receiving regular submissions that discuss a relevant topic.

Dr. Stefan Rass
Dr. Quanyan Zhu
Guest Editors

Manuscript Submission Information

Manuscripts should be submitted online at www.mdpi.com by registering and logging in to this website. Once you are registered, click here to go to the submission form. Manuscripts can be submitted until the deadline. All papers will be peer-reviewed. Accepted papers will be published continuously in the journal (as soon as accepted) and will be listed together on the special issue website. Research articles, review articles as well as short communications are invited. For planned papers, a title and short abstract (about 100 words) can be sent to the Editorial Office for announcement on this website.

Submitted manuscripts should not have been published previously, nor be under consideration for publication elsewhere (except conference proceedings papers). All manuscripts are thoroughly refereed through a single-blind peer-review process. A guide for authors and other relevant information for submission of manuscripts is available on the Instructions for Authors page. Games is an international peer-reviewed open access quarterly journal published by MDPI.

Please visit the Instructions for Authors page before submitting a manuscript. The Article Processing Charge (APC) for publication in this open access journal is 1000 CHF (Swiss Francs). Submitted papers should be well formatted and use good English. Authors may use MDPI's English editing service prior to publication or during author revisions.

Keywords

  • Game Theoretic Treatment of Advanced Persistent Threats
  • Game-theoretic analysis of IoT/CPS security
  • Game theory for privacy
  • Cyber-Security Risk Assessment using Game and Decision Theory
  • Risk Management based on Game and Decision Theory
  • Empirical and Behavioral Game Theory
  • Model Validation and Verification
  • Simulation of Security Games
  • Models of Bounded Rationality in Decision Making
  • Organizational Behaviors and Incentives
  • Information Sharing and Cooperation
  • Mechanism Design of Security and Privacy
  • Dynamic Games for Cyber Security
  • Adversary Behavior and Ecosystem
  • Security and Resilience of Critical Infrastructures
  • Numerical Methods for Solving Security Games

Published Papers (4 papers)

Order results
Result details
Select all
Export citation of selected articles as:

Research

Open AccessArticle
Optimal Control of Heterogeneous Mutating Viruses
Games 2018, 9(4), 103; https://doi.org/10.3390/g9040103 - 13 Dec 2018
Abstract
Different strains of influenza viruses spread in human populations during every epidemic season. As the size of an infected population increases, the virus can mutate itself and grow in strength. The traditional epidemic SIR model does not capture virus mutations and, hence, the [...] Read more.
Different strains of influenza viruses spread in human populations during every epidemic season. As the size of an infected population increases, the virus can mutate itself and grow in strength. The traditional epidemic SIR model does not capture virus mutations and, hence, the model is not sufficient to study epidemics where the virus mutates at the same time as it spreads. In this work, we establish a novel framework to study the epidemic process with mutations of influenza viruses, which couples the SIR model with replicator dynamics used for describing virus mutations. We formulated an optimal control problem to study the optimal strategies for medical treatment and quarantine decisions. We obtained structural results for the optimal strategies and used numerical examples to corroborate our results. Full article
(This article belongs to the Special Issue Game Models for Cyber-Physical Infrastructures)
Show Figures

Figure 1

Open AccessArticle
Security from the Adversary’s Inertia–Controlling Convergence Speed When Playing Mixed Strategy Equilibria
Games 2018, 9(3), 59; https://doi.org/10.3390/g9030059 - 21 Aug 2018
Abstract
Game-theoretic models are a convenient tool to systematically analyze competitive situations. This makes them particularly handy in the field of security where a company or a critical infrastructure wants to defend against an attacker. When the optimal solution of the security game involves [...] Read more.
Game-theoretic models are a convenient tool to systematically analyze competitive situations. This makes them particularly handy in the field of security where a company or a critical infrastructure wants to defend against an attacker. When the optimal solution of the security game involves several pure strategies (i.e., the equilibrium is mixed), this may induce additional costs. Minimizing these costs can be done simultaneously with the original goal of minimizing the damage due to the attack. Existing models assume that the attacker instantly knows the action chosen by the defender (i.e., the pure strategy he is playing in the i-th round) but in real situations this may take some time. Such adversarial inertia can be exploited to gain security and save cost. To this end, we introduce the concept of information delay, which is defined as the time it takes an attacker to mount an attack. In this period it is assumed that the adversary has no information about the present state of the system, but only knows the last state before commencing the attack. Based on a Markov chain model we construct strategy policies that are cheaper in terms of maintenance (switching costs) when compared to classical approaches. The proposed approach yields slightly larger security risk but overall ensures a better performance. Furthermore, by reinvesting the saved costs in additional security measures it is possible to obtain even more security at the same overall cost. Full article
(This article belongs to the Special Issue Game Models for Cyber-Physical Infrastructures)
Show Figures

Figure 1

Open AccessArticle
Cyber–Physical Correlation Effects in Defense Games for Large Discrete Infrastructures
Games 2018, 9(3), 52; https://doi.org/10.3390/g9030052 - 23 Jul 2018
Cited by 5
Abstract
In certain critical infrastructures, correlations between cyber and physical components can be exploited to launch strategic attacks, so that disruptions to one component may affect others and possibly the entire infrastructure. Such correlations must be explicitly taken into account in ensuring the survival [...] Read more.
In certain critical infrastructures, correlations between cyber and physical components can be exploited to launch strategic attacks, so that disruptions to one component may affect others and possibly the entire infrastructure. Such correlations must be explicitly taken into account in ensuring the survival of the infrastructure. For large discrete infrastructures characterized by the number of cyber and physical components, we characterize the cyber–physical interactions at two levels: (i) the cyber–physical failure correlation function specifies the conditional survival probability of the cyber sub-infrastructure given that of the physical sub-infrastructure (both specified by their marginal probabilities), and (ii) individual survival probabilities of both sub-infrastructures are characterized by first-order differential conditions expressed in terms of their multiplier functions. We formulate an abstract problem of ensuring the survival probability of a cyber–physical infrastructure with discrete components as a game between the provider and attacker, whose utility functions are composed of infrastructure survival probability terms and cost terms, both expressed in terms of the number of components attacked and reinforced. We derive Nash equilibrium conditions and sensitivity functions that highlight the dependence of infrastructure survival probability on cost terms, correlation functions, multiplier functions, and sub-infrastructure survival probabilities. We apply these analytical results to characterize the defense postures of simplified models of metro systems, cloud computing infrastructures, and smart power grids. Full article
(This article belongs to the Special Issue Game Models for Cyber-Physical Infrastructures)
Show Figures

Figure 1

Open AccessArticle
Risk Assessment Uncertainties in Cybersecurity Investments
Games 2018, 9(2), 34; https://doi.org/10.3390/g9020034 - 09 Jun 2018
Cited by 2
Abstract
When undertaking cybersecurity risk assessments, it is important to be able to assign numeric values to metrics to compute the final expected loss that represents the risk that an organization is exposed to due to cyber threats. Even if risk assessment is motivated [...] Read more.
When undertaking cybersecurity risk assessments, it is important to be able to assign numeric values to metrics to compute the final expected loss that represents the risk that an organization is exposed to due to cyber threats. Even if risk assessment is motivated by real-world observations and data, there is always a high chance of assigning inaccurate values due to different uncertainties involved (e.g., evolving threat landscape, human errors) and the natural difficulty of quantifying risk. Existing models empower organizations to compute optimal cybersecurity strategies given their financial constraints, i.e., available cybersecurity budget. Further, a general game-theoretic model with uncertain payoffs (probability-distribution-valued payoffs) shows that such uncertainty can be incorporated in the game-theoretic model by allowing payoffs to be random. This paper extends previous work in the field to tackle uncertainties in risk assessment that affect cybersecurity investments. The findings from simulated examples indicate that although uncertainties in cybersecurity risk assessment lead, on average, to different cybersecurity strategies, they do not play a significant role in the final expected loss of the organization when utilising a game-theoretic model and methodology to derive these strategies. The model determines robust defending strategies even when knowledge regarding risk assessment values is not accurate. As a result, it is possible to show that the cybersecurity investments’ tool is capable of providing effective decision support. Full article
(This article belongs to the Special Issue Game Models for Cyber-Physical Infrastructures)
Show Figures

Figure 1

Back to TopTop