# Proactive Population-Risk Based Defense Against Denial of Cyber-Physical   Service Attacks

**Authors:** Jeffrey Pawlick, Quanyan Zhu

arXiv: 1705.00682 · 2017-10-17

## TL;DR

This paper introduces a game-theoretic model to quantify and mitigate the risk of physical denial-of-service attacks in IoT-enabled cyber-physical systems, demonstrating that active defense strategies are highly effective.

## Contribution

It develops a Poisson signaling game model to analyze botnet recruitment and evaluates legal and economic mechanisms for proactive defense in IoT cyber-physical systems.

## Key findings

- Legislating minimum security levels has limited impact.
- Active defense incentives can arbitrarily reduce botnet activity.
- Defenders can effectively bound botnet activity.

## Abstract

While the Internet of things (IoT) promises to improve areas such as energy efficiency, health care, and transportation, it is highly vulnerable to cyberattacks. In particular, DDoS attacks work by overflowing the bandwidth of a server. But many IoT devices form part of cyber-physical systems (CPS). Therefore, they can be used to launch a "physical" denial-of-service attack (PDoS) in which IoT devices overflow the "physical bandwidth" of a CPS. In this paper, we quantify the population-based risk to a group of IoT devices targeted by malware for a PDoS attack. To model the recruitment of bots, we extend a traditional game-theoretic concept and create a "Poisson signaling game." Then we analyze two different mechanisms (legal and economic) to deter botnet recruitment. We find that 1) defenders can bound botnet activity and 2) legislating a minimum level of security has only a limited effect, while incentivizing active defense can decrease botnet activity arbitrarily. This work provides a quantitative foundation for designing proactive defense against PDoS attacks.

---
Source: https://tomesphere.com/paper/1705.00682