# A Dynamic Games Approach to Proactive Defense Strategies against Advanced Persistent Threats in Cyber-Physical Systems

**Authors:** Linan Huang, Quanyan Zhu

arXiv: 1906.09687 · 2019-11-11

## TL;DR

This paper models long-term interactions between attackers and defenders in cyber-physical systems using a dynamic game framework, aiming to develop proactive defense strategies against stealthy threats like APTs.

## Contribution

It introduces a multi-stage game of incomplete information and an iterative algorithm to compute equilibrium strategies for proactive defense in cyber-physical security.

## Key findings

- The equilibrium strategies predict attacker and defender behaviors effectively.
- The approach enhances understanding of proactive defense mechanisms.
- Numerical results validate the analytical model.

## Abstract

Advanced Persistent Threats (APTs) have recently emerged as a significant security challenge for a cyber-physical system due to their stealthy, dynamic and adaptive nature. Proactive dynamic defenses provide a strategic and holistic security mechanism to increase the costs of attacks and mitigate the risks. This work proposes a dynamic game framework to model a long-term interaction between a stealthy attacker and a proactive defender. The stealthy and deceptive behaviors are captured by the multi-stage game of incomplete information, where each player has his own private information unknown to the other. Both players act strategically according to their beliefs which are formed by the multi-stage observation and learning. The perfect Bayesian Nash equilibrium provides a useful prediction of both players' policies because no players benefit from unilateral deviations from the equilibrium. We propose an iterative algorithm to compute the perfect Bayesian Nash equilibrium and use the Tennessee Eastman process as a benchmark case study. Our numerical experiment corroborates the analytical results and provides further insights into the design of proactive defense-in-depth strategies.

## Full text

_Full body text omitted from this summary view._ Fetch the complete paper as Markdown: https://tomesphere.com/paper/1906.09687/full.md

## Figures

17 figures with captions in the complete paper: https://tomesphere.com/paper/1906.09687/full.md

## References

44 references — full list in the complete paper: https://tomesphere.com/paper/1906.09687/full.md

---
Source: https://tomesphere.com/paper/1906.09687