The widespread deployment of smart meters in the advanced metering infrastructure (AMI) raises privacy concerns. Analyzing the data collected from smart meters can expose habits and can be potentially used to predict consumers' behaviors. In this paper, we analyze the confidentiality of information in the AMI consisting of nodes with interdependent correlated security assets. On each node, the defender can choose one of several security modes available. We try to answer the following questions: 1) What is the expected behavior of a rational attacker? 2) What is the optimal strategy of the defender? and 3) Can we configure the security modes on each node to discourage the attacker from launching any attacks? In this paper, we formulate the problem as a noncooperative game and analyze the behavior of the attacker and the defender at the Nash equilibrium. The attacker chooses his targets in order to collect the maximum amount of data on consumers, and the defender chooses the encryption level of outbound data on each device in the AMI. Using our model, we derive the minimum defense resources required and the optimal strategy of the defender. Finally, we show how our framework can be applied in a real-world scenario via a case study.
Intrusion Detection Systems (IDS) are key components for securing critical infrastructures, capable of detecting malicious activities on networks or hosts. However, the efficiency of an IDS depends primarily on both its configuration and its precision. The large amount of network traffic that needs to be analyzed, in addition to the increase in attacks’ sophistication, renders the optimization of intrusion detection an important requirement for infrastructure security, and a very active research subject. In the state of the art, a number of approaches have been proposed to improve the efficiency of intrusion detection and response systems. In this article, we review the works relying on decision-making techniques focused on game theory and Markov decision processes to analyze the interactions between the attacker and the defender, and classify them according to the type of the optimization problem they address. While these works provide valuable insights for decision-making, we discuss the limitations of these solutions as a whole, in particular regarding the hypotheses in the models and the validation methods. We also propose future research directions to improve the integration of game-theoretic approaches into IDS optimization techniques.