Sensor Manipulation Games in Cyber Security

Abstract

This chapter addresses the problem of making decisions based on sensor measurements that may have been manipulated by an adversary. For concreteness, we focus our attention on making binary decisions that, in the context of cyber security, could correspond to denying access to a sensitive resource, flagging a computer as compromised, deauthorizing a user, closing a firewall, etc. The chapter presents a game theoretical treatment of sensor manipulation and considers two types of sensor manipulation: In measurement manipulation games, the attacker is able to manipulate the measurements of M out of N sensors available to the defender, but the latter does not know which sensors have been manipulated. In sensor reveal games, the attacker exposes to the defender the measurement of a single sensor out of N sensor possibilities, with the caveat that revealing data from non-informative sensors may be costly and interpreted by the defender as strong indication that an attack is afoot. These games cover different aspects of sensor manipulation: Measurement manipulation games