Title: A Markov Game Theoretic Approach for Power Grid Security
Abstract: The extensive use of information and communication technologies in power grid systems makes them vulnerable to cyber-attacks that can be performed remotely. One particular class of cyber-attack is advanced persistent threats, where highly skilled attackers can steal user authentication information and then move laterally in the network, from host to host in a hidden manner, until they reach a sensitive target. Once the presence of the attacker has been detected in the network, appropriate actions should be taken quickly to prevent the attacker from going deeper. This paper presents a game theoretic approach to optimize the defense against an invader attempting to use a set of known vulnerabilities to reach critical nodes in the network. First, the network is modeled as a vulnerability multi-graph where the nodes represent physical hosts and the edges represent the vulnerabilities that the attacker can exploit to move laterally from one host to another. Secondly, a two-player zero-sum Markov game is built where the states of the game represent the nodes of the vulnerability multi-graph and transitions correspond to the edge vulnerabilities that the attacker can exploit. The solution of the game gives the optimal strategy to disconnect vulnerable services and thus slow down the attack.
Speaker: Charles A. Kamhoua (Cyber Assurance Branch, Air Force Research Laboratory)
Speaker Bio: Charles A. Kamhoua received the BS in electronics from the University of Douala (ENSET), Cameroon, in 1999, and the MS in telecommunication and networking and the PhD in electrical engineering from Florida International University (FIU), in 2008 and 2011, respectively. He is a Research Electronics Engineer at the Cyber Assurance Branch of the U.S. Air Force Research Laboratory (AFRL), Rome, New York, where he has been working since 2011. He has held visiting positions at Oxford and Harvard. Prior to joining AFRL, he was an educator for more than 10 years. He has co-authored more than 80 peer-reviewed journal and conference papers, including best paper awards, in the areas of game theory applied to cyber security, survivability, cloud computing, hardware Trojans, cyber threat information sharing, wireless communication, online social networks and blockchain. He has been invited to more than 40 keynote and distinguished speeches and co-organized more than 10 conferences and workshops. He has mentored more than 50 young scholars, counting students, postdocs, and AFRL Summer Faculty Fellows. He has been recognized for his scholarship and leadership with numerous prestigious awards including the 2017 AFRL’s Information Directorate Basic Research Award “for outstanding achievements in basic research”, the 2017 Fred I. Diamond Award for the best paper published at AFRL’s Information Directorate, 40 Air Force Notable Achievement Awards, the 2016 FIU Charles E. Perry Young Alumni Visionary Award, the 2015 Black Engineer of the Year Award (BEYA), the 2015 NSBE Golden Torch Award—Pioneer of the Year, and a selection to the 2015 Heidelberg Laureate Forum, to name a few. He is currently an advisor for the National Research Council, a member of the FIU alumni association, the ACM, and a senior member of IEEE.
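The model in the abstract can be made concrete with Shapley value iteration on a small vulnerability multi-graph; this is an added example, not code from the talk or the paper. Assumptions: the four-host graph, the service names, the discount factor 0.9, an attacker payoff of 1 on reaching the critical node, exactly two outgoing edges per host, and a defender who disconnects one service per step (holding the attacker in place when it is the service the attacker chose).

```python
# Added example: constructed graph and payoff model, not the speaker's code.
GAMMA = 0.9               # assumed discount: each step of delay costs the attacker
CRITICAL = "scada"        # assumed critical node (absorbing, attacker payoff 1)

# Constructed vulnerability multi-graph: host -> two (destination, service) edges.
# "eng" has two parallel edges to "scada", which is what makes it a multi-graph.
EDGES = {
    "web":  [("hist", "smb"), ("eng", "rdp")],
    "hist": [("scada", "sql"), ("eng", "ssh")],
    "eng":  [("scada", "rdp"), ("scada", "vnc")],
}

def solve_2x2(m):
    """Value of a 2x2 zero-sum game (rows maximize) and P(defender plays column 0)."""
    (a, b), (c, d) = m
    maximin = max(min(a, b), min(c, d))
    col_max = (max(a, c), max(b, d))
    minimax = min(col_max)
    if maximin >= minimax - 1e-12:          # saddle point: pure strategies suffice
        return minimax, 1.0 if col_max[0] <= col_max[1] else 0.0
    denom = a + d - b - c                   # non-zero when there is no saddle point
    return (a * d - b * c) / denom, (d - b) / denom

def stage_game(state, v):
    """Row i: attacker uses edge i. Column j: defender disconnects edge j's service."""
    (d0, _), (d1, _) = EDGES[state]
    stay = GAMMA * v[state]                 # blocked: attacker is held for a step
    return [[stay, GAMMA * v[d0]], [GAMMA * v[d1], stay]]

def solve_markov_game(iterations=300):
    """Shapley value iteration; returns state values and the defender's mixed policy."""
    v = {s: 0.0 for s in EDGES}
    v[CRITICAL] = 1.0
    for _ in range(iterations):
        new = {s: solve_2x2(stage_game(s, v))[0] for s in EDGES}
        new[CRITICAL] = 1.0
        v = new
    policy = {}
    for s in EDGES:
        q = solve_2x2(stage_game(s, v))[1]
        (_, svc0), (_, svc1) = EDGES[s]
        policy[s] = {svc0: q, svc1: 1.0 - q}
    return v, policy

if __name__ == "__main__":
    values, policy = solve_markov_game()
    for s in EDGES:
        print(s, round(values[s], 4), {k: round(p, 3) for k, p in policy[s].items()})
```

The state values fall the farther a host is from the critical node, and at "hist" the defender disconnects the service on the direct edge to the critical node more often than the one on the detour.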