Stackelberg-Game-Based Defense Analysis against Advanced Persistent Threats on Cloud Control System

In this paper, the security problem for a cloud control system (CCS) is studied. In the CCS, so-called advanced persistent threats (APTs) can be launched by a malicious attacker to reduce the quality of service of cloud and deteriorate the system performance further. To defend against APTs and create a security as a service scheme, a defender needs to allocate defense resource to different units serving to different plants for improving the overall system performance when the CCS accommodates multiple physical plants simultaneously. After observing the defender's action, the attacker decides which serve units to comprise. Considering that both defender and attacker are subject to resource constraints, the interaction of two sides is modeled by a Stackelberg game. The optimal solutions for two players under different types of budget constraints are investigated. Simulation examples and comparison results are provided to verify the main results of this paper.