Defending Against Stealthy Attacks on Multiple Nodes with Limited Resources: A Game-Theoretic Analysis

TL;DR

This paper models the strategic interaction between attackers and defenders in a multi-node system under resource constraints using game theory, analyzing equilibrium strategies and proposing algorithms for robust defense.

Contribution

It introduces a novel game-theoretic framework for multi-node cyber defense considering resource limitations and asymmetric information, extending prior single-node models.

Findings

Characterizes best response strategies for attacker and defender.

Identifies Nash Equilibria in the proposed game.

Develops an algorithm for near-optimal defender strategies.

Abstract

Stealthy attacks are a major cyber-security threat. In practice, both attackers and defenders have resource constraints that could limit their capabilities. Hence, to develop robust defense strategies, a promising approach is to utilize game theory to understand the fundamental trade-offs involved. Previous works in this direction, however, mainly focus on the single-node case without considering strict resource constraints. In this paper, a game-theoretic model for protecting a system of multiple nodes against stealthy attacks is proposed. We consider the practical setting where the frequencies of both attack and defense are constrained by limited resources, and an asymmetric feedback structure where the attacker can fully observe the states of nodes while largely hiding its actions from the defender. We characterize the best response strategies for both attacker and defender in the space of both non-adaptive and adaptive strategies, and study the Nash Equilibria of the game. We further study a sequential game where the defender first announces its strategy and the attacker then responds accordingly, and design an algorithm that finds a nearly optimal strategy for the defender to commit to.