Data sharing between different organizations is an essential process in todays connected world. However, recently there were many concerns about data sharing as sharing sensitive information can jeopardize users privacy. To preserve the privacy, orga
nizations use anonymization techniques to conceal users sensitive data. However, these techniques are vulnerable to de-anonymization attacks which aim to identify individual records within a dataset. In this paper, a two-tier mathematical framework is proposed for analyzing and mitigating the de-anonymization attacks, by studying the interactions between sharing organizations, data collector, and a prospective attacker. In the first level, a game-theoretic model is proposed to enable sharing organizations to optimally select their anonymization levels for k-anonymization under two potential attacks: background-knowledge attack and homogeneity attack. In the second level, a contract-theoretic model is proposed to enable the data collector to optimally reward the organizations for their data. The formulated problems are studied under single-time sharing and repeated sharing scenarios. Different Nash equilibria for the proposed game and the optimal solution of the contract-based problem are analytically derived for both scenarios. Simulation results show that the organizations can optimally select their anonymization levels, while the data collector can benefit from incentivizing the organizations to share their data.
The operation of future intelligent transportation systems (ITSs), communications infrastructure (CI), and power grids (PGs) will be highly interdependent. In particular, autonomous connected vehicles require CI resources to operate, and, thus, commu
nication failures can result in non-optimality in the ITS flow in terms of traffic jams and fuel consumption. Similarly, CI components, e.g., base stations (BSs) can be impacted by failures in the electric grid that is powering them. Thus, malicious attacks on the PG can lead to failures in both the CI and the ITSs. To this end, in this paper, the security of an ITS against indirect attacks carried out through the PG is studied in an interdependent PG-CI-ITS scenario. To defend against such attacks, the administrator of the interdependent critical infrastructure can allocate backup power sources (BPSs) at every BS to compensate for the power loss caused by the attacker. However, due to budget limitations, the administrator must consider the importance of each BS in light of the PG risk of failure, while allocating the BPSs. In this regard, a rigorous analytical framework is proposed to model the interdependencies between the ITS, CI, and PG. Next, a one-to-one relationship between the PG components and ITS streets is derived in order to capture the effect of the PG components failure on the optimality of the traffic flow in the streets. Moreover, the problem of BPS allocation is formulated using a Stackelberg game framework and the Stackelberg equilibrium (SE) of the game is characterized. Simulation results show that the derived SE outperforms any other BPS allocation strategy and can be scalable in linear time with respect to the size of the interdependent infrastructure.
One prominent security threat that targets unmanned aerial vehicles (UAVs) is the capture via GPS spoofing in which an attacker manipulates a UAVs global positioning system (GPS) signals in order to capture it. Given the anticipated widespread deploy
ment of UAVs for various purposes, it is imperative to develop new security solutions against such attacks. In this paper, a mathematical framework is introduced for analyzing and mitigating the effects of GPS spoofing attacks on UAVs. In particular, system dynamics are used to model the optimal routes that the UAVs will adopt to reach their destinations. The GPS spoofers effect on each UAVs route is also captured by the model. To this end, the spoofers optimal imposed locations on the UAVs, are analytically derived; allowing the UAVs to predict their traveling routes under attack. Then, a countermeasure mechanism is developed to mitigate the effect of the GPS spoofing attack. The countermeasure is built on the premise of cooperative localization, in which a UAV can determine its location using nearby UAVs instead of the possibly compromised GPS locations. To better utilize the proposed defense mechanism, a dynamic Stackelberg game is formulated to model the interactions between a GPS spoofer and a drone operator. In particular, the drone operator acts as the leader that determines its optimal strategy in light of the spoofers expected response strategy. The equilibrium strategies of the game are then analytically characterized and studied through a novel proposed algorithm. Simulation results show that, when combined with the Stackelberg strategies, the proposed defense mechanism will outperform baseline strategy selection techniques in terms of reducing the possibility of UAV capture
In this paper, a software-based simulator for the deployment of base station-equipped unmanned aerial vehicles (UAVs) in a cellular network is proposed. To this end, the Google Earth Engine platform and its included image processing functions are use
d to collect geospatial data and to identify obstacles that can disrupt the line-of-sight (LoS) communications between UAVs and ground users. Given such geographical information, three environment-aware optimal UAV deployment scenarios are investigated using the developed simulator. In the first scenario, the positions of UAVs are optimized such that the number of ground users covered by UAVs is maximized. In the second scenario, the minimum number of UAVs needed to provide full coverage for all ground users is determined. Finally, given the load requirements of the ground users, the total flight time (i.e., energy) that the UAVs need to completely serve the ground users is minimized. Simulation results using a real area of the Virginia Tech campus show that the proposed environment-aware drone deployment framework with Google Earth input significantly enhances the network performance in terms of coverage and energy consumption, compared to classical deployment approaches that do not exploit geographical information. In particular, the results show that the proposed approach yields a coverage enhancement by a factor of 2, and a 65% improvement in energy-efficiency. The results have also shown the existence of an optimal number of drones that leads to a maximum wireless coverage performance.
Instilling resilience in critical infrastructure (CI) such as dams or power grids is a major challenge for tomorrows cities and communities. Resilience, here, pertains to a CIs ability to adapt or rapidly recover from disruptive events. In this paper
, the problem of optimizing and managing the resilience of CIs is studied. In particular, a comprehensive two-fold framework is proposed to improve CI resilience by considering both the individual CIs and their collective contribution to an entire system of multiple CIs. To this end, a novel analytical resilience index is proposed to measure the effect of each CIs physical components on its probability of failure. In particular, a Markov chain defining each CIs performance state and a Bayesian network modeling the probability of failure are introduced to infer each CIs resilience index. Then, to maximize the resilience of a system of CIs, a novel approach for allocating resources, such as drones or maintenance personnel, is proposed. In particular, a comprehensive resource allocation framework, based on the tools of contract theory, is proposed enabling the system operator to optimally allocate resources, such as, redundant components or monitoring devices to each individual CI based on its economic contribution to the entire system. The optimal solution of the contract-based resilience resource allocation problem is analytically derived using dynamic programming. The proposed framework is then evaluated using a case study pertaining to hydropower dams and their interdependence to the power grid. Simulation results, within the case study, show that the system operator can economically benefit from allocating the resources while dams have a 60% average improvement over their initial resilience indices.
Critical infrastructure protection (CIP) is envisioned to be one of the most challenging security problems in the coming decade. One key challenge in CIP is the ability to allocate resources, either personnel or cyber, to critical infrastructures wit
h different vulnerability and criticality levels. In this work, a contract-theoretic approach is proposed to solve the problem of resource allocation in critical infrastructure with asymmetric information. A control center (CC) is used to design contracts and offer them to infrastructures owners. A contract can be seen as an agreement between the CC and infrastructures using which the CC allocates resources and gets rewards in return. Contracts are designed in a way to maximize the CCs benefit and motivate each infrastructure to accept a contract and obtain proper resources for its protection. Infrastructures are defined by both vulnerability levels and criticality levels which are unknown to the CC. Therefore, each infrastructure can claim that it is the most vulnerable or critical to gain more resources. A novel mechanism is developed to handle such an asymmetric information while providing the optimal contract that motivates each infrastructure to reveal its actual type. The necessary and sufficient conditions for such resource allocation contracts under asymmetric information are derived. Simulation results show that the proposed contract-theoretic approach maximizes the CCs utility while ensuring that no infrastructure has an incentive to ask for another contract, despite the lack of exact information at the CC.
Moving target defense (MTD) techniques that enable a system to randomize its configuration to thwart prospective attacks are an effective security solution for tomorrows wireless networks. However, there is a lack of analytical techniques that enable
one to quantify the benefits and tradeoffs of MTDs. In this paper, a novel approach for implementing MTD techniques that can be used to randomize cryptographic techniques and keys in wireless networks is proposed. In particular, the problem is formulated as a stochastic game in which a base station (BS), acting as a defender seeks to strategically change its cryptographic techniques and keys in an effort to deter an attacker that is trying to eavesdrop on the data. The game is shown to exhibit a single-controller property in which only one player, the defender, controls the state of the game. For this game, the existence and properties of the Nash equilibrium are studied, in the presence of a defense cost for using MTD. Then, a practical algorithm for deriving the equilibrium MTD strategies is derived. Simulation results show that the proposed game-theoretic MTD framework can significantly improve the overall utility of the defender, while enabling effective randomization over cryptographic techniques.
