Abstract
When looking at security incidents in Industrial Control System (ICS) networks, it appears that the interplay between an attacker and a defender can be modeled using a game-theoretic approach. Preparing a game requires several steps, including the definition of attack and defense strategies and the estimation of payoffs. Estimating the payoff (i.e. the damage) for each possible scenario is one of the core tasks of this preparation. However, damage estimation is not always trivial: damage cannot be easily predicted, primarily because information about the attack is incomplete or because of external influences (e.g. weather conditions). Describing the payoffs by means of a probability distribution is therefore an appropriate way to deal with this uncertainty. In this chapter, we show that if the network structure of an organization is known, it is possible to estimate the payoff distribution by means of a stochastic spreading model. To this end, the underlying network is modeled as a graph whose edges are classified depending on their properties. Each of these classes has a different probability of failure (e.g. the probability of transmitting a malware). Finally, we demonstrate how these probabilities can be estimated, even if only subjective information is available.
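The idea in the abstract, sketched as an added Monte Carlo example (not code from the chapter or from the HyRiM package): edges carry a class, each class has a transmission probability, and repeated simulated outbreaks give an empirical damage distribution. The node names, edge classes, probabilities and the choice of "number of affected nodes" as the damage measure are all assumptions made for illustration.

```python
import random
from collections import Counter, deque

# Constructed sample network: (node, node, edge class). All names are assumptions.
EDGES = [
    ("office_pc", "mail_server", "email"),
    ("office_pc", "file_server", "lan"),
    ("mail_server", "file_server", "lan"),
    ("file_server", "historian", "lan"),
    ("historian", "scada_server", "firewalled"),
    ("scada_server", "plc_1", "fieldbus"),
    ("scada_server", "plc_2", "fieldbus"),
    ("engineer_laptop", "plc_1", "usb"),
]
# Assumed probability that an edge of each class passes the malware on.
P_TRANSMIT = {"email": 0.6, "lan": 0.4, "firewalled": 0.05,
              "fieldbus": 0.3, "usb": 0.2}

def build_adjacency(edges):
    """Undirected adjacency list: node -> [(neighbour, edge class), ...]."""
    adj = {}
    for a, b, cls in edges:
        adj.setdefault(a, []).append((b, cls))
        adj.setdefault(b, []).append((a, cls))
    return adj

def simulate_once(adj, p_transmit, start, rng):
    """Return the number of affected nodes in one simulated outbreak."""
    affected, queue = {start}, deque([start])
    while queue:
        node = queue.popleft()
        for neighbour, cls in adj[node]:
            # Each edge gets one effective transmission attempt per run.
            if neighbour not in affected and rng.random() < p_transmit[cls]:
                affected.add(neighbour)
                queue.append(neighbour)
    return len(affected)

def damage_distribution(edges, p_transmit, start, runs=10000, seed=1):
    """Empirical distribution {damage: relative frequency} over many runs."""
    adj, rng = build_adjacency(edges), random.Random(seed)
    counts = Counter(simulate_once(adj, p_transmit, start, rng)
                     for _ in range(runs))
    return {damage: n / runs for damage, n in sorted(counts.items())}

if __name__ == "__main__":
    dist = damage_distribution(EDGES, P_TRANSMIT, "office_pc")
    for damage, freq in dist.items():
        print(f"{damage} affected nodes: {freq:.3f}")
```

Lowering one class's probability (for example `firewalled`) and rerunning shows how the tail of the distribution, the runs that reach the control devices, shrinks.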
Acknowledgements
The research leading to these results has received funding from the European Union Seventh Framework Programme under grant agreement no. 608090, Project HyRiM (Hybrid Risk Management for Utility Networks).
Copyright information
© 2018 Springer International Publishing AG, part of Springer Nature
About this chapter
Cite this chapter
König, S., Gouglidis, A. (2018). Random Damage in Interconnected Networks. In: Rass, S., Schauer, S. (eds) Game Theory for Security and Risk Management. Static & Dynamic Game Theory: Foundations & Applications. Birkhäuser, Cham. https://doi.org/10.1007/978-3-319-75268-6_8
DOI: https://doi.org/10.1007/978-3-319-75268-6_8
Publisher Name: Birkhäuser, Cham
Print ISBN: 978-3-319-75267-9
Online ISBN: 978-3-319-75268-6
eBook Packages: Mathematics and Statistics (R0)