Dynamic resource management to defend against advanced persistent threats in fog computing: a game theoretic approach

Fog computing has gained tremendous popularity due to its capability of addressing the surging demand on high-quality ubiquitous mobile services. Nevertheless, the highly virtualized environment in fog computing leads to vulnerability to cyber attacks such as advanced persistent threats. In this pap...

Full description

Saved in:
Bibliographic Details
Main Authors: Feng, Shaohan, Xiong, Zehui, Niyato, Dusit, Wang, Ping
Other Authors: School of Computer Science and Engineering
Format: Article
Language:English
Published: 2022
Subjects:
Online Access:https://hdl.handle.net/10356/159931
Tags: Add Tag
No Tags, Be the first to tag this record!
Institution: Nanyang Technological University
Language: English
Description
Summary:Fog computing has gained tremendous popularity due to its capability of addressing the surging demand on high-quality ubiquitous mobile services. Nevertheless, the highly virtualized environment in fog computing leads to vulnerability to cyber attacks such as advanced persistent threats. In this paper, we propose a novel game approach of cyber risk management for the fog computing platform. We adopt the cyber-insurance concept to transfer cyber risks from fog computing platform to a third party. The system model under consideration consists of three main entities, i.e., the fog computing provider, attacker, and cyber-insurer. The fog computing provider dynamically optimizes the allocation of its defense computing resources to improve the security of the fog computing platform which is composed of multiple fog nodes. Meanwhile, the attacker dynamically adjusts the allocation of its attack computing resources to increase the probability of successful attack. Additionally, to prevent from the potential loss due to the attacks, the provider also makes a dynamic decision on the subscription of cyber-insurance for each fog node. Thereafter, the cyber-insurer accordingly determines the premium of cyber-insurance for each fog node. To model this dynamic interactive decision making problem, we formulate a dynamic Stackelberg game. In the lower-level, we formulate an evolutionary subgame to analyze the provider's defense and cyber-insurance subscription strategies as well as the attacker's attack strategy. In the upper-level, the cyber-insurer optimizes its premium strategy, taking into account the evolutionary equilibrium at the lower-level evolutionary subgame. We analytically prove that the evolutionary equilibrium is unique and stable, and we investigate the Stackelberg equilibrium by capitalizing on tools from the optimal control theory. Moreover, we provide a series of insightful analytical and numerical results on the equilibrium of the dynamic Stackelberg game.