A Game-Theoretic Approach for Minimizing Security Risks in the Internet-of-Things

George Rontidis, Emmanouil Panaousis, Aron Laszka, Tasos Dagiuklas, Pasquale Malacaria, Tansu Alpcan

Research output: Chapter in Book/Conference proceeding with ISSN or ISBNConference contribution with ISSN or ISBNpeer-review

Abstract

In the Internet-of-Things (IoT), users might share part of their data with different IoT prosumers, which offer applications or services. Within this open environment, the existence of an adversary introduces security risks. These can be related, for instance, to the theft of user data, and they vary depending on the security controls that each IoT prosumer has put in place. To minimize such risks, users might seek an “optimal” set of prosumers. However, assuming the adversary has the same information as the users about the existing security measures, he can then devise which prosumers will be preferable (e.g., with the highest security levels) and attack them more intensively. This paper proposes a decision-support approach that minimizes security risks in the above scenario. We propose a non-cooperative, two-player game entitled Prosumers Selection Game (PSG). The Nash Equilibria of PSG determine subsets of prosumers that optimize users’ payoffs. We refer to any game solution as the Nash Prosumers Selection (NPS), which is a vector of probabilities over subsets of prosumers. We show that when using NPS, a user faces the least expected damages. Additionally, we show that according to NPS every prosumer, even the least secure one, is selected with some non-zero probability. We have also performed simulations to compare NPS against two different heuristic selection algorithms. The former is proven to be approximately 38% more effective in terms of security-risk mitigation.
Original languageEnglish
Title of host publication2015 IEEE International Conference on Communication Workshop (ICCW)
Place of PublicationLondon
PublisherIEEE
Pages2639-2644
Number of pages6
ISBN (Print)9781467363051
DOIs
Publication statusPublished - 10 Mar 2015
Event2015 IEEE International Conference on Communication Workshop (ICCW) - London, UK, 8-12 June 2015
Duration: 10 Mar 2015 → …

Conference

Conference2015 IEEE International Conference on Communication Workshop (ICCW)
Period10/03/15 → …

Bibliographical note

© 2015 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.

Fingerprint

Dive into the research topics of 'A Game-Theoretic Approach for Minimizing Security Risks in the Internet-of-Things'. Together they form a unique fingerprint.

Cite this