CERIAS - Center for Education and Research in Information Assurance and Security

Game theoretic modeling of cyber deception in the Internet of Battlefield Things

Charles Kamhoua - US Army Research Laboratory

Mar 06, 2019

Abstract

Most sophisticated cyber attacks follow the well-known cyber kill chain. The first step of the cyber kill chain is the reconnaissance phase, where the attacker probes the network in search of weaknesses, misconfigurations, and vulnerabilities, and identifies potential targets before the actual attack starts. To this end, the attacker needs to collect important information about the characteristics of each device (i.e., hardware, operating system, applications), the network topology, the different subnets, firewall rules, access control, privileges, the communication protocol at each layer, and the machine learning algorithm on each IoBT device. The attacker's reconnaissance can be summarized by an attack graph in which the nodes represent vulnerable IoBT devices and the edges show their associated vulnerabilities.
This work investigates cyber deception as a complex game in which each player has three concurrent and interdependent objectives. Each player imperfectly monitors (partial observation) other players’ actions to find out each player’s identity, strategies, payoff, available information, and capability, and to continuously predict their intent. Each player strategically selects the players from which to hide particular information (e.g., camouflage). Each player judiciously manipulates other players’ perception (e.g., decoy) based on his observed action, estimated capability, and predicted intent. This work examines, from the defender’s perspective, several deception games on an attack graph. The defender's goal is to stop the attacker early in the cyber kill chain and prevent the subsequent, more dangerous phases.

About the Speaker

Charles A. Kamhoua is a researcher at the Network Security Branch of the U.S. Army Research Laboratory (ARL) in Adelphi, MD, where he is responsible for conducting and directing basic research in the area of game theory applied to cyber security. Prior to joining the Army Research Laboratory, he was a researcher at the U.S. Air Force Research Laboratory (AFRL), Rome, New York for 6 years and an educator in different academic institutions for more than 10 years. He has held visiting research positions at the University of Oxford and Harvard University. He has co-authored more than 150 peer-reviewed journal and conference papers. He is a co-inventor of 2 patents and 5 patent applications. He has been at the forefront of several new technologies, co-editing three books at Wiley-IEEE Press entitled "Assured Cloud Computing", "Blockchain for Distributed System Security" and "Modeling and Design of Secure Internet of Things" (forthcoming). He has presented over 50 invited keynote and distinguished speeches and has co-organized over 10 conferences and workshops. He has mentored more than 60 young scholars, including students, postdocs, and Summer Faculty Fellows. He has been recognized for his scholarship and leadership with numerous prestigious awards, including the 2019 Federal 100-FCW annual awards for individuals that have had an exceptional impact on federal IT, the 2018 ARL Achievement Award for leadership and outstanding contribution to the ARL Cyber Camo (cyber deception) project, the 2018 Fulbright Senior Specialist Fellowship, the 2017 AFRL Information Directorate Basic Research Award “For Outstanding Achievements in Basic Research,” the 2017 Fred I. Diamond Award for the best paper published at AFRL’s Information Directorate, 40 Air Force Notable Achievement Awards, the 2016 FIU Charles E. Perry Young Alumni Visionary Award, the 2015 Black Engineer of the Year Award (BEYA), the 2015 NSBE Golden Torch Award (Pioneer of the Year), and selection to the 2015 Heidelberg Laureate Forum, to name a few. He has been congratulated by the White House, the US Congress and the Pentagon for those achievements. He received a B.S. in electronics from the University of Douala (ENSET), Cameroon, in 1999, an M.S. in Telecommunication and Networking from Florida International University (FIU) in 2008, and a Ph.D. in Electrical Engineering from FIU in 2011. He is currently an advisor for the National Research Council postdoc program, a member of the FIU alumni association and ACM, and a senior member of IEEE.

Unless otherwise noted, the security seminar is held on Wednesdays at 4:30 P.M. in STEW G52 (Suite 050B), West Lafayette Campus.
