Quanyan Zhu

  • This brief introduces game- and decision-theoretical techniques for the analysis and design of resilient interdependent networks. It unites game and decision theory with network science to lay a system-theoretical foundation for understanding the resiliency of interdependent and heterogeneous network systems.

    The authors pay particular attention to critical infrastructure systems, such as electric power, water, transportation, and communications. They discuss how infrastructure networks are becoming increasingly interconnected as the integration of Internet of Things devices, and how a single-point failure in one network can propagate to other infrastructures, creating an enormous social and economic impact. The specific topics in the book include:

    ·  static and dynamic meta-network resilience game analysis and design;

    ·  optimal control of interdependent epidemics spreading over complex networks; and

    ·  applications to secure and resilient design of critical infrastructures.

    These topics are supported by up-to-date summaries of the authors' recent research findings. The authors then discuss the future challenges and directions in the analysis and design of interdependent networks and explain the role of multi-disciplinary research has in computer science, engineering, public policy, and social sciences fields of study.

    The brief introduces new application areas in mathematics, economics, and system and control theory, and will be of interest to researchers and practitioners looking for new approaches to assess and mitigate risks in their systems and enhance their network resilience. A Game- and Decision-Theoretic Approach to Resilient Interdependent Network Analysis and Design also has self-contained chapters, which allows for multiple levels of reading by anyone with an interest in game and decision theory and network science.

  • This book introduces a cross-layer design to achieve security and resilience for CPSs (Cyber-Physical Systems). The authors interconnect various technical tools and methods to capture the different properties between cyber and physical layers. Part II of this book bridges the gap between cryptography and control-theoretic tools. It develops a bespoke crypto-control framework to address security and resiliency in control and estimation problems where the outsourcing of computations is possible. Part III of this book bridges the gap between game theory and control theory and develops interdependent impact-aware security defense strategies and cyber-aware resilient control strategies.With the rapid development of smart cities, there is a growing need to integrate the physical systems, ranging from large-scale infrastructures to small embedded systems, with networked communications. The integration of the physical and cyber systems forms Cyber-Physical Systems (CPSs), enabling the use of digital information and control technologies to improve the monitoring, operation, and planning of the systems. Despite these advantages, they are vulnerable to cyber-physical attacks, which aim to damage the physical layer through the cyber network.
    This book also uses case studies from autonomous systems, communication-based train control systems, cyber manufacturing, and robotic systems to illustrate the proposed methodologies.  These case studies aim to motivate readers to adopt a cross-layer system perspective toward security and resilience issues of large and complex systems and develop domain-specific solutions to address CPS challenges.
    A comprehensive suite of solutions to a broad range of technical challenges in secure and resilient control systems are described in this book (many of the findings in this book are useful to anyone working in cybersecurity). Researchers, professors, and advanced-level students working in computer science and engineering will find this book useful as a reference or secondary text. Industry professionals and military workers interested in cybersecurity will also want to purchase this book.

  • This book introduces game theory as a means to conceptualize, model, and analyze cyber deception. Drawing upon a collection of deception research from the past 10 years, the authors develop a taxonomy of six species of defensive cyber deception. Three of these six species are highlighted in the context of emerging problems such as privacy against ubiquitous tracking in the Internet of things (IoT), dynamic honeynets for the observation of advanced persistent threats (APTs), and active defense against physical denial-of-service (PDoS) attacks. Because of its uniquely thorough treatment of cyber deception, this book will serve as a timely contribution and valuable resource in this active field.

    The opening chapters introduce both cybersecurity in a manner suitable for game theorists and game theory as appropriate for cybersecurity professionals. Chapter Four then guides readers through the specific field of defensive cyber deception. A key feature of the remaining chapters is the development of a signaling game model for the species of leaky deception featured in honeypots and honeyfiles. This model is expanded to study interactions between multiple agents with varying abilities to detect deception.

    Game Theory for Cyber Deception will appeal to advanced undergraduates, graduate students, and researchers interested in applying game theory to cybersecurity. It will also be of value to researchers and professionals working on cybersecurity who seek an introduction to game theory.

  • This contributed volume offers a collection of papers presented at the 2018 Network Games, Control, and Optimization conference (NETGCOOP), held at the New York University Tandon School of Engineering in New York City, November 14-16, 2018. These papers highlight the increasing importance of network control and optimization in many networking application domains, such as mobile and fixed access networks, computer networks, social networks, transportation networks, and, more recently, electricity grids and biological networks. Covering a wide variety of both theoretical and applied topics in the areas listed above, the authors explore several conceptual and algorithmic tools that are needed for efficient and robust control operation, performance optimization, and better understanding the relationships between entities that may be acting cooperatively or selfishly in uncertain and possibly adversarial environments. As such, this volume will be of interest to applied mathematicians, computer scientists, engineers, and researchers in other related fields.

  • This book provides a comprehensive overview of the key concerns as well as research challenges in designing secure and resilient Industrial Control Systems (ICS). It will discuss today's state of the art security architectures and couple it with near and long term research needs that compare to the baseline. It will also establish all discussions to generic reference architecture for ICS that reflects and protects high consequence scenarios.
    Significant strides have been made in making industrial control systems secure. However, increasing connectivity of ICS systems with commodity IT devices and significant human interaction of ICS systems during its operation regularly introduces newer threats to these systems resulting in ICS security defenses always playing catch-up. There is an emerging consensus that it is very important for ICS missions to survive cyber-attacks as well as failures and continue to maintain a certain level and quality of service. Such resilient ICS design requires one to be proactive in understanding and reasoning about evolving threats to ICS components, their potential effects on the ICS mission's survivability goals, and identify ways to design secure resilient ICS systems.
    This book targets primarily educators and researchers working in the area of ICS and Supervisory Control And Data Acquisition (SCADA) systems security and resiliency. Practitioners responsible for security deployment, management and governance in ICS and SCADA systems would also find this book useful. Graduate students will find this book to be a good starting point for research in this area and a reference source.

  • This book presents a compendium of selected game- and decision-theoretic models to achieve and assess the security of critical infrastructures. Given contemporary reports on security incidents of various kinds, we can see a paradigm shift to attacks of an increasingly heterogeneous nature, combining different techniques into what we know as an advanced persistent threat. Security precautions must match these diverse threat patterns in an equally diverse manner; in response, this book provides a wealth of techniques for protection and mitigation.

    Much traditional security research has a narrow focus on specific attack scenarios or applications, and strives to make an attack "practically impossible." A more recent approach to security views it as a scenario in which the cost of an attack exceeds the potential reward. This does not rule out the possibility of an attack but minimizes its likelihood to the least possible risk. The book follows this economic definition of security, offering a management scientific view that seeks a balance between security investments and their resulting benefits. It focuses on optimization of resources in light of threats such as terrorism and advanced persistent threats. 

    Drawing on the authors' experience and inspired by real case studies, the book provides a systematic approach to critical infrastructure security and resilience. Presenting a mixture of theoretical work and practical success stories, the book is chiefly intended for students and practitioners seeking an introduction to game- and decision-theoretic techniques for security. The required mathematical concepts are self-contained, rigorously introduced, and illustrated by case studies. The book also provides software tools that help guide readers in the practical use of the scientific models and computational frameworks.