ebook img

Towards an Iterated Game Model with Multiple Adversaries in Smart-World Systems PDF

28 Pages·2017·1.11 MB·English
by  
Save to my drive
Quick download
Download
Most books are stored in the elastic cloud where traffic is expensive. For this reason, we have a limit on daily download.

Preview Towards an Iterated Game Model with Multiple Adversaries in Smart-World Systems

sensors Article Towards an Iterated Game Model with Multiple † Adversaries in Smart-World Systems XiaofeiHe1,‡ ID,XinyuYang1,*,WeiYu2,*,‡,JieLin1,‡ andQingyuYang3,‡ 1 DepartmentofComputerScienceandTechnology,Xi’anJiaotongUniversity,Xi’an710049,China; [email protected](X.H.);[email protected](J.L.) 2 DepartmentofComputerandInformationSciences,TowsonUniversity,Towson,MD21252,USA 3 SKLMSELab,SchoolofElectronicandInformationEngineering,Xi’anJiaotongUniversity, Xi’an710049,China;[email protected] * Correspondence:[email protected](X.Y.);[email protected](W.Y.); Tel.:+86-186-2905-3812(X.Y.);+1-410-704-5528(W.Y.) † ThispaperisanextendedversionofourpaperpublishedinAGame-TheoreticModelonCoalitional AttacksinSmartGrid.InProceedingsofthe2016IEEETrustcom/BigDataSE/ISPA,Tianjin,China, 23–26August2016. ‡ Theseauthorscontributedequallytothiswork. Received:29December2017;Accepted:15February2018;Published:24February2018 Abstract: Diverseandvariedcyber-attackschallengetheoperationofthesmart-worldsystemthatis supportedbyInternet-of-Things(IoT)(smartcities,smartgrid,smarttransportation,etc.) andmust becarefullyandthoughtfullyaddressedbeforewidespreadadoptionofthesmart-worldsystemcan befullyrealized. Althoughanumberofresearcheffortshavebeendevotedtodefendingagainst thesethreats,amajorityofexistingschemesfocusonthedevelopmentofaspecificdefensivestrategy todealwithspecific,oftensingularthreats. Inthispaper,weaddresstheissueofcoalitionalattacks, whichcanbelaunchedbymultipleadversariescooperativelyagainstthesmart-worldsystemsuchas smartcities. Particularly,weproposeagame-theorybasedmodeltocapturetheinteractionamong multiple adversaries, and quantify the capacity of the defender based on the extended Iterated Public Goods Game (IPGG) model. In the formalized game model, in each round of the attack, aparticipantcaneithercooperatebyparticipatinginthecoalitionalattack, ordefectbystanding aside. Inourwork,weconsiderthegenericdefensivestrategythathasaprobabilitytodetectthe coalitionalattack. Whenthecoalitionalattackisdetected,allparticipatingadversariesarepenalized. The expected payoff of each participant is derived through the equalizer strategy that provides participantswithcompetitivebenefits. Themultipleadversarieswiththecollusivestrategyarealso considered. Viaacombinationoftheoreticalanalysisandexperimentation,ourresultsshowthatno matterwhichstrategiestheadversarieschoose(randomstrategy,win-stay-lose-shiftstrategy,oreven theadaptiveequalizerstrategy),ourformalizedgamemodeliscapableofenablingthedefenderto greatlyreducethemaximumvalueoftheexpectedaveragepayofftotheadversariesviaprovisioning sufficient defensive resources, which is reflected by setting a proper penalty factor against the adversaries. Inaddition,weextendourgamemodelandanalyzetheextortionstrategy,whichcan enableoneparticipanttoobtainmorepayoffbyextortinghis/heropponents. Theevaluationresults showthatthedefendercancombatthisstrategybyencouragingcompetitionamongtheadversaries, andsignificantlysuppressthetotalpayoffoftheadversariesviasettingtheproperpenaltyfactor. Keywords: InternetofThings(IoT);security;gametheory;zero-determinantstrategy;iteratedpublic goodsgame(IPGG) Sensors2018,18,674;doi:10.3390/s18020674 www.mdpi.com/journal/sensors Sensors2018,18,674 2of28 1. Introduction Therapiddevelopmentofthesmart-worldsystemssupportedbyInternet-of-Things(IoT)suchas smartcities,smartgrid,smarttransportation,etc. hasgivenrisetovarioussecurityissues,whichhave becomeoneofthemajorbarrierstowidespreadadoption[1–8]. Smart-worldsystemscovernumerous smart-worldresearchareasthatourdailylifedependson,includingsmartcities,smartgridsystems, smart transportation systems, smart medical systems, smart manufacturing systems, etc. In these smart-worldsystems,thegeographicallydistributedsensors,actuators,andcontrollersareclosely incorporatedthroughcommunicationnetworksandcomputationalinfrastructures,enablingsecured, efficient,andremoteoperationsofphysicalsystems. Withtherapiddevelopmentofsmart-worldsystems,massivenumbersofmonitoringsensors andactuators(alsocalledIoTdevices)aredeployedtoenablemonitoringandcontrollingacrossa varietyofdomains. ThenumberofIoTdeviceshasgrownto8.4billionintheyearof2017,andwill continuetogrowmassivelyinthenearfuture[9].Nonetheless,cyber-threatsposeseriousthreatstoIoT devicesandthesmart-worldsystemsthattheyoperateupon. Smartdeviceshavebeendemonstrated to be vulnerable, as evidenced by a recent attack on 21 October 2016, which led to many popular sitesbecomingunreachable[10]. Behindthisattackwasanetworkofunknowinglycompromised, mass-produced smart devices (webcams and other similar products). In addition, an extended functionality attack was investigated [11], which can compromise the smart lights and exfiltrate datafromahighlysecureofficebuildingbyacovertcommunicationsystemoreventriggerepileptic seizureswithstrobedlight. As a typical smart-world system, the smart cities that integrate energy, transportation and othersmart-worldcomponents,potentialadversariesmaylaunchmaliciousattacksviacontrolling smart meter and sensor devices, and may manipulate critical information, including energy consumption/supply, the state of power transmission and distribution links, electricity prices, transportationroutes,andsoon[3,12–16]. Assmartmetersinthepowergridsubsystem,whichis anessentialcomponentinthesmartcities,areoftendeployedintheopenenvironment,thepowergrid maysuffergreaterrisksthanthetraditionalpowergrid. Unlikethecyber-attacksoncommunication networksalone, thepotentialattacksinthepowergridcanleadtoseriouseconomicandphysical damages[7,13–15,17]. Inaddition,forasmarthealthcaresystem,whichisalsoanessentialcomponentinsmartcities, thedataintegrityinvolvesauthentication,accesscontrolandsecurecommunication[18]. Threatsto thehealthcaresystemcandamagethetrackingofpatients’identificationandauthenticationofpeople, patientmobility,andautomaticsensingandcollectionofdata,whichconstitutesreal-timeinformation onpatients’healthindicatorsasabasisformedicaldiagnosis. Forthesmarthome,theappliances integratedwithIoTarevulnerabletocyberattacksandtheadversarycaninstallmaliciousfirmware onthecompromisedIoTdevices. Forexample,Hernandezetal. [19]showedthatacompromised thermostatcouldactasabeachheadtoattackothernodeswithinalocalnetworkandanyinformation storedwithinthenodeisavailabletotheadversaryaftermalicioussoftwareisinstalledintothenode. Therehavebeenanumberofresearcheffortsdevotedtostudyingtheimpactsofcyber-attacksin smart-worldsystems[4–7,11–15,17–25]. Nonetheless,mostoftheexistingeffortsfocusonstrategiesof attackordefenseinasingularorspecificallyuniquesecurityissue,ofteninwhichonlyoneadversary launchesanattackatatime. Inaddition,multipleadversariescouldexistinthesmart-worldsystem, cooperativelylaunchingcoalitionalattackstodisrupttheoperationofthesmart-worldsystemmore effectively. For each participant in a coalitional attack, he/she can choose either cooperation or defectionineveryround. Thus,aniteratedgamemodelcanbeusedtoinvestigatetheinteractions amongadversaries. Noticethat,inthegamemodelthatweinvestigateinthispaper,alladversaries arereferredtoasactiveparticipants,whilethedefenderenforcesapenalty(determinedbypenalty factor)toaffectthepayoffsofadversaries. Because the strategies of one participant can affect the others, different strategies adopted by the participants result in different outcomes. Thus, the interaction between the outcomes and the Sensors2018,18,674 3of28 strategiesusedbyadversariesiscriticalinthegamemodel. Furthermore,mostexistingresearchefforts onthedefensivestrategiesagainstthreatsalsofocusheavilyonthespecificsecurityissuesratherthan evaluatingthecostfordeployingthedefensivemechanism. Toachievebetterdetection,thedefender oftenneedstodeployexpensivecountermeasurestodealwiththethreatslaunchedbyadversaries. Thus,howtoquantifytheinteractionbetweenthecostandeffectivenessofdefensivemechanismsis acriticalproblemthatneedstoberesolved. Toaddresstheseissues,ourpapermakesseveralcontributionsasfollows. • Game Theory-Based Model. We propose a game theory-based model to investigate the interaction among multiple adversaries who launch coalitional attacks against the system. WeestablishanextendedIteratedPublicGoodsGame(IPGG)modeltoanalyzetheinteractions amongadversariesandeachadversaryissubjectedbyapenaltyfactorenforcedbythedefender viathedefensivecapability. Ineachround,eachadversarymustchooseeithertocooperateby participatinginthecoalitionalattack,ortodefectbystandingaside. Theparticipatingadversaries contributetheirownendowmentandthegainobtainedthroughtheattackisdistributedtoall adversaries. Onlyparticipatingadversarieswillsufferthepenaltyfromthedefenderwhenthe coalitional attack is detected. Our proposed game model reveals the expected payoff of the participants through the equalizer strategy. The equalizer strategy can help a participant to choose cooperation or defection according to the last round outcomes, in order to control the payoff of his/her opponents to be a fixed value. In this paper, we present two typical cases: Foranaltruisticparticipant,he/shewillsetthepayoffofhis/heropponentstothemaximum value. For an adaptive participant, he/she will set the payoff of his/her opponents to be the sameashis/herowndynamically,meaningallparticipantsobtainthesamepayoff. Inaddition, wefurtherstudythegamemodelwithmultipleparticipantsandacollusivestrategy,whichhas thesameobjectiveastheequalizerstrategy,butthestrategyadoptedbyparticipantsistotally different. Thecollusivestrategyrequiresmorethanoneparticipanttocolludewitheachotherto controlthepayoffoftheiropponentstobeafixedvalue,makingitmoredifficulttobedetected. With our proposed game model, we can quantify the capacity of the defender to reduce the expectedpayoffofadversaries. • Theoretical Analysis and Evaluation. Via a combination of comprehensive analysis and performance evaluation on our developed game model, we show the maximum payoff of adversariesindifferentcases.Forexample,withtheincreaseoftherateofattackgain,theexpected averagepayoffcanreachthemaximumvalue. Withtheaidofthepenaltyfactorintroducedby defensivemechanisms,themaximumvalueoftheexpectedaveragepayoffcanbereducedto theminimumvalue. Thismeansthattheparticipatingadversariescanobtainlittlegainfromthe coalitionalattack,whichreducesincentivetoparticipateintheattack. Meanwhile,ourproposed game model can help the defender set a proper defense level based on the affordable cost to reducetheattackconsequenceraisedbytheattack,improvingtheeffectivenessofthedefense. • ExtortionStrategy. Weextendourdevelopedgamemodeltoconsidertheextortionstrategyas well. Inthisstrategy,aselfishparticipantcanextorthis/heropponents,seekingtoalwaysobtain agreaterpayoffthanhis/heropponents,evenifthetotalpayoffdecreases. Viathecombined theoretical analysis and evaluation results, we find that the penalty of the defender can lead to more severe competition among the participants in the game. Therefore, it is difficult for adversariestoachieveglobaloptimaloutcomes,limitingtheimpactscausedbyadversaries. Notice that this paper is an extension of our prior work [26]. Based on the much shorter conferenceversion,thissubmittedjournalversionconsistsofaboutsubstantialnewlyaddedmaterials in comparison with the shorter conference version. The important new materials include a new gamemodelthatconsiderscollusiveadversaries,anewgamemodelconsideringanadversarywith anextortionstrategy,theproofforNashequilibrium,asetofnewperformanceevaluationresultswith adaptiveequalizerstrategy,additionaldiscussion,newliteraturereview,andothers. Sensors2018,18,674 4of28 The remainder of this paper is organized as follows: in Section 2, we give a literature review aboutthesmart-worldsystemsandgametheory;inSection3,weintroducetheiteratedgamemodel andthreatmodel;inSection4,wepresentourproposedgameformalizationindetail;inSection5, weconductthetheoreticalanalysisoftheformalizedgamewithrespecttotheinteractionbetweenthe expectedpayoffofadversaries,andthepenaltyfactorenforcedbythedefender;inSection6,weshow theexperimentalresultstovalidatetheeffectivenessofourproposedscheme;weenhancetheproposed game model to include adversaries with the extortion strategy in Section 7; we discuss possible extensionsofourdevelopedgamemodelinSection8;finally,weconcludethepaperinSection9. 2. RelatedWork Wenowreviewtheexistingresearcheffortsrelevanttoourstudy. Inthesmart-worldsystems (e.g.,smartcities,smartgrid,smarttransportation),anumberofeffortshavebeendevotedtostudying theimpactsofcyberattacksaswellasthedevelopmentofdefensiveschemes[5–7,11,13,17–25,27–32]. For example, Ericsson et al. [33] presented some important issues on the cyber security and informationsecurityintheenergy-basedcyber-physicalsystems. Moetal. [34]establishedascienceof cyber-physicalsystemsecuritybyintegratingsystemtheoryandcybersecurity.Particularly,therehave beenanumberofresearcheffortsdevotedtodataintegrityattacksagainstkeyfunctionalmodulesin theenergy-basedcyber-physicalsystems,aswellasdefensethereof[7,14,15,32,35,36]. Forexample, Yangetal. [13]developedanoptimalattackstrategyagainstthestateestimationprocessthatenables a minimum set of compromised sensors to launch a successful attack. Yang et al. [35] developed mechanismsforoptimalPMU(PhasorMeasurementUnit)placementtodefendagainstdataintegrity attacks. Li[37]proposedalightweightkeyestablishmentprotocolforsmarthomeenergymanagement systemsandpresentedtheimplementationdetailsofthedesignedprotocol. Game theory has been widely studied in a broad range of areas as well. For example, someresearcheffortsfocusonapplyinggametheorytonetworksecurityandsecurityinavarietyof systems [38–50]. For example, Xiao et al. [41] investigated an indirect reciprocity security game for mobile wireless networks. Zhang et al. [44] applied the game theory to carry out a path selectionalgorithmtoprotecttheanonymityofprivacy-preservingcommunicationnetworkssuchas Tor. Yuetal. [43]appliedthegametheorymodeltoinvestigatetheinteractionsbetweentheintelligent adversariesthatinstigatewormpropagationovertheInternetanddefenderswithasetofstrategies. Hilbe et al. [51] showed the evolution of direct reciprocity in a group of multiple players and the instructiveness of the zero-determinant strategies. Zhang et al. [52] presented an iterated game model for resource sharing among a variety of participants. In this model, an administrator of cooperation(AoC)isresponsibleformaintainingthesocialwelfare,whiletheregularparticipants ofcooperation(PoCs)areselfishparticipants. Guo[53]investigatedzero-determinantstrategiesfor multi-strategygames. For cyber-physical and smart-world systems such as energy-based cyber-physical systems, game theory has strong potential to provide solutions for pertinent problems [18,48,54–56]. For example, Saad et al. [55] presented an overview of applying game theory in three emerging areas, including microgrid systems, demand-side management, and smart grid communications. Furthermore, a growing number of research efforts have adopted game theory-based models to addresssecurityissues. Forexample,Zhuetal. [54]proposedaniteratedzero-sumgametomodel security policies at the cyber-level with corresponding optimal control response at the physical layer. Maetal. [57] developed a zero-sum game with a mixed strategies model to formulate the survivabilityforcyber-physicalsystems,inwhichtheadversaryanddefenderplayoverresources beingdisruptedandmaintained/restored,respectively. Sieveletal. [58]formulatedtheplacementand utilizationofunifiedpowerflowcontrollers(UPFCs)inapowertransmissionsystemasaniterative game. Inresponsetotrippingtransmissionlinesfromtheadversary,thedefendercouldoptimizethe installationlocationsoftheUPFCstomaximizetheamountofpowerdeliveredwhenthesystemis underattack. Lawetal. [58]proposedagame-theoryformulationoftheriskdynamicsoffalsedata Sensors2018,18,674 5of28 injectionattackstargetingautomaticgenerationcontrol,whichadoptsazero-sumMarkovsecurity gamemodel. Inthismodel,riskstatesaredefinedasfunctionsoftheprobabilityofattackandthe potential impact corresponding to the attack. Esmalifalak et al. [48] presented a zero-sum game betweentheadversaryandthedefendertomodelthescenarioinwhichthepriceofelectricitycanbe manipulatedbytheadversaryintheelectricitymarket. Abieetal. [18]describedarisk-basedadaptive securityframeworkforIoTsineHealththatcouldbeusedtoestimateandpredictriskdamageand futurebenefitsusinggametheoryandcontext-awarenesstechnology. Distinct from existing research efforts, which have not taken into account cooperation and competitionamongthemultipleadversaries,inthiswork,wefocusonthepayoffsthattheadversaries canobtainintheircoalitionalattacksandpresenttheroleofthedefender. Viatheoreticalanalysis, ourproposedgametheorymodelcanquantifythepayoffsofadversarieswithdifferentstrategiesunder differentpenaltyfactors,whichcanbeimposedbythedefender.Thus,ourpaperestablishesaniterated gametheory-basedgamethatdemonstratesthecooperationandcompetitionrelationshipsamong adversaries,andprovidesaguideforselectingtheappropriatedefensivestrengthofthedefender. 3. Model Inthissection,wefirstintroducetheiteratedgamemodel,andthenpresentthethreatmodel. 3.1. IteratedGameModel Theiteratedgamemodelhasbeenwidelyusedinthegame-theorystudyandhasbeenapplied indifferentfields[59]. Particularly,inaniteratedgame,theselfishbehaviorofparticipantscanlead toalossforboththeiropponentsandthemselves. Thereareanumberofresearcheffortsfocusedon theiteratedgame[25,38,60–65]. Theiteratedgameproblemhasbeenconsideredtohavenounilateral ultimatesolutionastheresultsofthegamearejointlydeterminedbyallparticipants. Forinstance, Pressetal.[60]proposedthezero-determinantstrategy,showingthat,inaniteratedgame,aparticipant canunilaterallydeterminetheexpectedpayoffofhis/heropponentsbythepinningstrategy,orobtain a higher payoff than his/her opponents by the extortion strategy. Furthermore, Pan et al. [63] investigatedamulti-playeriteratedgamestrategy,whichextendsthezero-determinantstrategyto solvetheIPGGproblem[66]. InaconventionalIPGGmodel,allparticipantshavetheirownendowmentatthebeginningof eachroundofthegameplayed. Then,eachparticipantmustchooseeithertocooperatebycontributing his endowment or to defect by standing aside. At the end of each round, the endowment will be multipliedbyarateofgaintoobtaintherewardorpayoff,whichwillbeequallydistributedtoall participants. Generally speaking, the strategies of participants often depend on the last move of his/her opponents, which can be represented as the condition probability. The main issue is how participantscooperatewitheachother,andavoidtheobviousNashequilibriumatzero[67]. 3.2. ThreatModel Inthesmart-worldsystemsuchassmartcitiesthatintegrateenergy,transportationandother critical infrastructures in cities, the adversaries can obtain the economic benefits or achieve their maliciousobjectivebylaunchingvariouscyber-attacks. Forexample,dataintegrityattacks[7,13,20] could be used to disrupt the key functional modules in the power grid operation, including the integrationofdistributedenergyresources,stateestimation,energypricing,andothers. Dataintegrity attacks [4] can be launched to disrupt the efficiency of the smart transportation. Furthermore, data integrity attacks can also be launched in the smart home automation system, so that the adversarycanmakeunauthorizedaccesstosystemorevenperformsystemmanipulationanddata leakage[68]. Generallyspeaking,adversariesneedtousetheirresourcestolaunchattackstoinfluence theeffectivenessofthesmartIoTsystemandobtainsomegainfromtheattackslaunched. Forexample, Farrajetal. [25]presentedananalysisofacyber-attackinwhichanadversarycanusethestorage resourcestoaffecttherotationspeedofsynchronousgeneratorsinthepowergrid. Ronenetal. [11] Sensors2018,18,674 6of28 alsopresentedfourtypesofattackingbehaviorandsomeofthemcanbringbenefitstoadversaries fromtheattacks,suchasforminganumberofcompromisedIoTdevicesintoabotnetinordertosend spamortominebitcoins. Thegame-theorymodelthatconsidersmultipleadversariesandadefenderinthesmart-world systemcanbeformalizedasanextendedIPGGmodel. Whentheadversariesattempttolaunchattacks, participantswhochoosetocooperatewillcontributetheirownresources,andtakeariskbeingdetected bythedefender, inordertoobtainthegainfromincreasingtheattackdamagetothesmart-world system. Furthermore, when the launched attacks are detected by the defender, the participating adversarieswillsufferapenalty. Theparticipantswhochoosetodefectcansharetheattackgainfrom theimpairedsmart-worldsystem,butwillnottakeanycostorsufferanyrisk. Theobjectiveoftheadversariesistomaximizetheirpayoffintheiteratedgame,whichissimilar totheIPGGmodel. Thepenaltyfactorreflectstheintensityofthedefender,meaningthatalarger penaltyfactorcorrespondstoastrongdefensivemechanismanditsdeployment,whichcommonly incurs a higher cost. Notice that, in this paper, we consider a generic defensive strategy that can captureasetofdefensiveschemestodetectthecoalitionattacktosomeextent,determinedbythe probabilityofdetectionintroducedinthegamemodel. Inaddition,anotherobjectiveofthisstudyisto investigatetherelationshipbetweentheeffectivenesstomitigateattacksandthecostassociatedwith thedefense. 4. OurApproach In this section, we introduce our proposed game-theory model to investigate the interaction among multiple adversaries, and quantify the capacity of the defender. In the following, we first introducethebasicidea,thenshowthetwokeycomponentsindetail,andfinallydiscussthescenario withmultiplecollusiveparticipants. 4.1. BasicIdea In the paper, we propose a game-theory model to deal with the coalitional attack that can be launchedbymultipleadversariescooperativelyinthesmart-worldsystem. Basedontheextended IPGGmodel,wedesignagame-theorymodelthatconsistsofmultipleadversariesandonedefender. Inourmodel,weintroduceapenaltyfactorthatreferstothepenaltytoadversarieswhenthelaunched attacksaredetectedbythedefender. Again,itisworthnotingthatweconsideragenericdefensive strategy, which captures a set of defensive schemes to detect the coalition attack to some extent, determinedbyaprobabilityofdetectionintroducedinthegamemodel. Thus,thepenaltyfactorcan generallyreflectthecapacityofthedefender. At the beginning of each round in the game played, some adversaries will contribute their endowmenttolaunchacoalitionalattackwhiletheothersdonotjointhecoalitionalattack. Ifthe coalitional attack is successful, the obtained attack gain will be distributed to all adversaries who participate in the coalitional attack. In a similar way, only the involved adversaries will suffer the penalty when the coalitional attack is detected. We assume that the probability of the attack being detected will increase when the number of participating adversaries increases, which is areasonableassumption. Inaddition,weadoptthezero-determinantstrategytoderivetheexpectedpayoffofparticipants andunderstandtherelationshipbetweentheexpectedpayoffandthepenaltyfactorenforcedbythe defender. Bydoingthis,thedefendercanreducethemaximumexpectedpayoffofadversariessothat thecoalitionalattackcanbedefeatedwhenanadequatepenaltyfactorisselected. Our proposed game-theory model consists of the following two key components. First, theextendedIPGGmodelisestablishedtomodelthepayoffoftheadversariesintheiteratedgame, in which the defender can affect their payoff via the penalty factor. When the coalitional attack is detected, the participating adversaries will pay for the penalty. Second, the expected payoff of participantsisderivedbytheequalizerstrategy. Withtheequalizerstrategythatbelongstoonekind Sensors2018,18,674 7of28 ofthezero-determinantstrategy,aparticipantcancontroltheexpectedpayoffofhis/heropponents. Finally,wepresentthecasewherethemultiplecolludingparticipantsareinvolvedinthegame.Thekey notationsusedinthispaperareshowninTable1. Table1.Notation. X ParticipantX pX StrategyofparticipantX pX ProbabilityforparticipantXtocooperateundertheithoutcomeinthelastround i N Numberofalltheparticipantsintheiteratedgame uX PayoffvectorobtainedbyparticipantX r Rateofgainfromthecoalitionalattack Probabilityforparticipant1tocooperateinthecurrentroundifhe/shechoosescooperation p1 C,n (C)andhis/hernopponentschoosecooperationinthelastround Probabilityforparticipant1tocooperateinthecurrentroundifhe/shechoosesdefection(D) p1 D,n andhis/hernopponentschoosecooperationinthelastround ps Probabilitythatasingleadversaryattemptstolaunchanattackwithoutbeingdetected α ,α Coefficientsforlinearcombinationinzero-determinantstrategy 0 X β Penaltyfactorwhentheattackisdetected γ Parameterthatcontrolsthetotalpayofffortheopponents µ,ξ Coefficientssatisfyingthelinearrelationshipintheequalizerstrategy EX ExpectedpayoffobtainedbytheopponentsofparticipantX L Numberofthecolludingparticipantsinthecollusivestrategy χ Extortionatefactorintheextortionstrategy Φ Freeparameterintheextortionstrategy 4.2. AnExtendedIPGGModel Inthispaper,weconsideranextendedIPGGmodelforNparticipants,inwhicheachparticipant obtains an initial endowment c = 1 at the beginning of each round [69,70]. Each participant has twochoices: (i)Cooperation(C);or(ii)Defection(D).Here,Cooperationreferstothechoicethatthe participantchoosestocooperateandcontributehis/herownendowmentintothecoalitionalattack, whileDefectionreferstothechoicethattheparticipantwillkeephis/herownendowment,anddoes notparticipateinthecoalitionalattack. Attheendofeachroundinthegameplayed,ifthecoalitional attackissuccessful,theendowmentwillbemultipliedbyarateofattackgainrandtheobtainedgain willbedistributedtoallNparticipants.Ifthecoalitionalattackisdetected,theparticipatingadversaries willsufferapenalty,whichisrepresentedasthepenaltyfactorβenforcedbythedefender. Wedenote thesuccessfulprobabilitythatasingleadversarylaunchesanattackas p ,andtheprobabilitythatthe s coalitionalattackisdetectedas1−pn,wherenisthenumberofparticipatingadversarieswhochoose s tocooperateintheattack. For an arbitrary participant, he/she will first obtain the positive gain, which represents the gain from launching the attack, similar to the conventional IPGG model. This positive gain is the benefitfromtheattackbehavior, includingtheillegallygainedfinancialincome, physicaldamage ofthetargeteddevices,etc. Nonetheless,iftheattackisdetectedbythedefender,theparticipating adversarieswillbepenalized,withthedetectedprobabilitybeing1−pn.Thus,inthispaper,weextend s theabovegamemodelbyaddingthenegativepayoff,whichrepresentsthepotentialpenaltyincurred whentheattackisdetectedbythedefender. Thisnegativepayoffcanincludeafine,thelimitationof furtherparticipationorotherbehavior,etc. Sensors2018,18,674 8of28 Then,wehaveuX = r(n+hX) +(1−hX),uX = −β(1−pn+1)·hX,whereuX isthepositive pos N neg s pos payoff,uX isthenegativepayoff,nisthenumberofcooperatorsamongthetotalN−1opponentsof neg participantXinthecurrentroundofthegameplayed. IfaparticipantXchoosestocooperate,wehave hX = 1. Otherwise,wehavehX = 0. Inaddition,ristherateofattackgain, βisthepenaltyfactor whenthecoalitionalattackisdetected, and p ∈ [0,1] referstotheprobabilitythataparticipating s adversarylaunchesthesuccessfulattackwithoutbeingdetected. Then,thetotalpayoffofparticipantXcanberepresentedas uX = uX +uX pos neg r(n+hX) (1) = +(1−hX)−β(1−pn+1)×hX. N s Thus, theconventionalIPGGmodelisaspecialcaseinEquation(1)when β = 0. Noticethat theobjectiveoftheadversaryXistomaximizehis/herpayoffuX viausingvariousavailableattack strategies. Next,wepresentthepayoffoftheequalizerstrategiesindetail. 4.3. ExpectedPayoffofEqualizerStrategy Thezero-determinantstrategywasproposedbyPressandDyson[60]. Inthisstrategy,wecan makeaparticipantunilaterallysetthepayoffofhis/heropponenttoafixedvalueintheprisoner’s dilemma.Toachievethecompetitivebenefit,theparticipantsmayintendtoadoptthezero-determinant strategies. Pan et al. [63] extended it to the multi-player IPGG problem and demonstrated that, inaninfiniterepeatedgame,thelong-memoryplayerhasnoadvantagesovershort-memoryplayers (i.e., the length of memory does not affect the results). Thus, we can assume that the choices of participantsinthecurrentroundonlydependontheoutcomesinthelastround. Becausethereare2N possibleoutcomesineachround,thestrategyofparticipantXcanbedenotedbya2N-dimensionvector, (cid:104) (cid:105) pX = pX,··· ,pX,··· ,pX , (2) 1 i 2N whereiisthesequencenumberofallpossibleoutcomes,and pX istheconditionalprobabilitythat i participantXchoosestocooperateundertheithoutcomeinthelastround. In the multi-player repeated game process, a participant does not need to know the accurate choicesofhis/heropponentsineachround. Thismeansthatitissufficientforaparticipanttoknow howmanyofhis/heropponentschoosetocooperate,whichisdenotedasn. Iftheparticipant’slast moveisC(cooperation)orD(defection),theprobabilitythattheparticipantchoosestocooperatein thecurrentroundis p or p ,respectively. AsshowninFigure1,theprobability p and p are C,n D,n C,n D,n thekeyparametersintheiteratedgame. Tosimplifytheproblem,weignorethespecificchoicesof theopponentsineachroundandjustfocusonthenumberofcooperatorsamongtheopponentsof participant X. Bydoingso,weonlyneedtoanalyze2N outcomes,insteadof2N outcomes. Inthe iteratedgameprocess,theprobabilitiesreflectthelikelihoodthatparticipantXandhis/heropponents willchooseCooperationbasedonthelastmoveoutcome. Obviously,theprobabilitythatparticipant X and his/her opponents will choose Defection are 1− p or 1− p , depending on their last C,n D,n moveoutcome. Asdescribedin[63],along-memoryplayercanbeconsideredasamemory-oneplayer. Then, the game can be characterized by a Markov Chain with a state transition matrix M. Denoting the stationary vector of M as vT, we have vT ·M = vT. For this Markov model, Pan et al. [63] have demonstratedthat,forparticipant1,thereexistsaspecialcolumninthedeterminantvT·u1,which canbedeterminedbyonlytheparticipant’sstrategyp1(Noticethat,astheparticipantsaresymmetric, Sensors2018,18,674 9of28 we use participant 1 as an example for the analysis). We denote this special column as p˜1. If the participantscanproperlysetp1,wehave N p˜1 = ∑ α uX+α 1, (3) X 0 X=1 whereuX = [uX,··· ,uX,··· ,uX ]isthepayoffvector,anduX isthepayoffofparticipant X inthe 1 i 2N i ithoutcome. Number of cooperators among the opponents !)#&'( !)#% !)#$ !"#&'( N-1 n 0 !"#% N-1 n 0 Choice of C C C !"#$ C C C Participant X N-1 n 0 N-1 n 0 D D D D D D Last move outcome This move Figure1.Theiteratedprocessinginthegamemodel. Then,theexpectedpayoffofallparticipantssatisfiesthelinearrelationship,andwehave N ∑ α EX+α =0. (4) X 0 X=1 Here,EX denotestheexpectedpayoffforparticipantXandα ,α ,··· ,α arethecoefficientsfor 0 1 X linearcombination.Then,participant1’sstrategyp1,whichleadstothelinearrelationshipEquation(4), isdenotedastheequalizerstrategyofmultipleparticipants. Tosimplifytheproblem,weassumethataparticipantwiththeequalizerstrategywillattemptto controltheaveragepayoffofhis/heropponents,whichreferstotheequalizerstrategy.Forparticipant1, he/shecanchoosetheproperstrategyp1suchthat N p˜1 = µ ∑ uX+ξ1. (5) X=2 Here,theparticipantonlyneedstosetα1 =0andαX(cid:54)=1 = µ. Noticethatp˜1isthespecialcolumn, whichcanonlybedeterminedbyparticipant1’sstrategyp1. Withtheabovestrategyp˜1andEquation(4),thelinearrelationshipbetweentheexpectedpayoff ofalltheopponentscanbeestablishedbytheparticipant1asfollows: N µ ∑ EX+ξ =0. (6) X=2 Without loss of generality, we omit the sequence number of the participant 1 to simplify the expression. Equation(5)isequivalenttoaseriesof2N linearequations. Then,wehave µ (cid:104) (cid:105) µ p =1+ rN−r−N−β(1−pn+1) n+ [(r+N)(N−1)]+ξ, (7) C,n N s N µ (cid:104) (cid:105) µ p = rN−r−N−β(1−pn+1) n+ [N(N−1)]+ξ, (8) D,n N s N wheren =0,1,...,N−1. Sensors2018,18,674 10of28 The above 2N probabilities pC,n and pD,n can be represented by pC,N−1 and pD,0, which are reflectedtobetheprobabilitiesformutualcooperationandmutualdefection,respectively.Accordingto Equations(7)and(8),wehave µ (cid:104) (cid:105) pC,N−1 =1+ N rN−β(1−psN) (N−1)+ξ, (9) p = µ(N−1)+ξ. (10) D,0 Theparametersµandξ mustsatisfytheprobabilityconstraints0≤ pC,N−1 ≤1and0≤ pD,0 ≤1. Thus,therangeofµandξ canbeobtained. Denoteµandξ asfollows: µ = − (1−pC,N−1+pD,0)N , (11) [(r−1)N−β(1−pN)](N−1) s ξ = (1−pC,N−1+rpD,0)N−β(1−psN)pD,0. (12) (r−1)N−β(1−pN) s Wecanseethatthesignofµdependson(r−1)N−β(1−pN). Withrespecttoµ,wewillconduct s furtheranalysisinSection5. Finally,substitutingEquations(11)and(12)intoEquation(6),theparticipantcansettheexpected payoffofhis/heropponentstoafixedvalue. Then,wehave ∑N EX = −ξ = (N−1)+ (N−1)[(r−1)N−β(1−psN)], (13) µ N(1+γ) X=2 whereγ = 1−ppDC,,N0−1 denotesthelinearrelationship pC,N−1+γpD,0−1=0between pC,N−1and pD,0. Tosummarize,wecanseethatthetotalexpectedpayoffoftheopponentsdependsonthenumber ofplayersN,therateofattackgainr,andtheparameterγ. Then,participant1cansettheexpected payoffofhis/heropponentsbysettingtheparameterγtovariousvalues. 4.4. CollusiveStrategy As mentioned above, we have already studied the game scenario with multiple adversaries, inwhichonlyoneparticipantattemptstocontrolthepayoffofhis/heropponents. Nonetheless,itis possiblethatmorethanoneadversarycooperatescollusivelytocontrolthepayoffoftheiropponents, whichisdenotedascollusivestrategy. Thiscollusivestrategyisdifferentfromtheequalizerstrategy mentionedinSection4.3. Nonetheless,itwillachieveasimilarperformancebecausebothstrategies havethesameobjectives(i.e.,controllingthepayoffoftheiropponents). InSection4.3,itisshownthat,inthedeterminantvT·u1,therealsoexistsomecolumns,whichcan bedeterminedbymultipleparticipants’strategies. Thus,someparticipantscancollusivelychoose theproperstrategies,andenforcealinearrelationshipbetweentheirownexpectedpayoffandtheir opponents’,whichissimilartoEquation(3),asfollows: N p˜(cid:48) = ∑ α uX+α 1, (14) X 0 X=1 wherep˜(cid:48) isthespecialcolumninthedeterminantvT·u1,uX = [uX,··· ,uX,··· ,uX ]isthepayoff 1 i 2N vector,uX isthepayoffofparticipantXintheithoutcome,andα ,α ,··· ,α arethecoefficientsfor i 0 1 X linearcombination. Toextendourmodeltoageneralcase,weassumethatLadversariescolludetogetherandattempt tosetthepayoffoftheirN−Lopponentstoafixedvalue. Wecanseetheobjectiveofthiscollusive strategyissimilartotheequalizerstrategyinSection4.3. Noticethatthisstrategyonlyexistswhenthe collusivegroupsizeL = N−1[63].

Description:
N. Number of all the participants in the iterated game. uX. Payoff vector obtained by participant X r. Rate of gain from the coalitional attack p1. C,n. Probability for participant 1 to cooperate in the current round if he/she chooses cooperation. (C) and his/her n opponents choose cooperation in t
See more

The list of books you might like

Most books are stored in the elastic cloud where traffic is expensive. For this reason, we have a limit on daily download.