Game-theoretic analysis of active attacks

Game theory is a study of mathematical models which provides a set of tools for analysing interactive decision problems. It is usually used to model the strategic interaction be- tween two or more players in situations where a player’s choice have direct impact on others [275, 276]. The type of games within the theory can be divided as cooperative games and non-cooperative games. In a cooperative game players form coalitions in or- der to strengthen their position in a game. In a non-cooperative games each player is independent and chooses their strategy in order to increase their own benefit. The present thesis focus on non-cooperative games. More specifically, Section 5.5.1 uses the theory to evaluate the optimal strategy of a pair of legitimate users in the presence of a jammer.

cations [15,74,277–279]. A non-cooperative game is framed by 1) identifying the players and their possible actions; 2) defining the payoffs as a function of the actions; 3) evaluat- ing equilibria and possible outcomes. The mathematical definition of a non-cooperative game is described by three elements, G = ({L, J }, {AL, AJ(p)}, {uL, uJ})). First the players are identified, i.e., player L representing the legitimate users, who are considered to act as a single player, and player J representing the jammer. Secondly, the action set of player L and player J are determined as AL and AJ, respectively. Finally the utility function (payoff) of each player is defined as uL, for player L, and uJ for player J . A fundamental assumption of the theory is that the players are rational, i.e., each player chooses the action that optimises his utility knowing that the other players will act like- wise. The games defined in this chapter belong to the group of zero-sum games. This is a type of game where the gain of one player equals the loss of the other player, i.e., uL= −uJ, hence while maximising their utility function each player minimises the profit of the others.

In a game-theoretic analysis the saddle point of a game is defined by its Nash or Stackelberg equilibria. A Nash equilibrium is the profile of strategies where all player choose simultaneously their best responses to the equilibrium strategies of the other play- ers [280, 281], such that:

ui(a∗i, a ∗

−i) ≥ ui(bi, a∗−i), (5.1)

where a∗_i ∈ BRi and a∗−i ∈ BR−i define the fixed points of best responses for players i and all other players in the game, respectively, bi ∈ Ai∩ BRCi denotes all other actions that player i can take. On the other hand, Stackelberg games can be distinguished from Nash games by the fact that in Stackelberg games the players act in specific order in time, i.e., not simultaneously as in Nash equilibrium games. Therefore, in Stackelberg games there is a leader who chooses his strategy first and followers who choose their best response based upon the leader’s action. Section 5.5.1 of the present chapter evaluates the Stackelberg equilibrium in order to identify the optimal strategy of legitimate users in presence of reactive jammer.

5.3

Employed methods and system model

The previous section summarised the necessary background material, the rest of this chap- ter explores novel work on the jamming attacks on the SKG process and proposes a set of countermeasures. As discussed in Chapter 4, building semantically secure AE protocols using the SKG procedure is straightforward, as long as the channel probing phase of the scheme is robust against active attacks [108], [282]. Therefore, an important next step is to study MiM and DoS attacks during the channel excitation phase of the SKG protocol, commonly referred to as “advantage distillation”. The investigations are based on the methods described below.

Secret key generation

As discussed in the previous chapters, Alice and Bob can obtain a shared secret key fol- lowing the three-step SKG procedure, (described in Section 2.2.1), i.e., i) advantage distil- lation; ii) information reconciliation; and, iii) privacy amplification. This chapter provides countermeasures to existing attacks during the process. This is discussed in detail in the next items.

Jamming attacks and countermeasures

Firstly, MiM attacks, referred to as “injection” attacks, are investigated: an active adver- sary tries to control part of the generated secret key by spoofing the channel estimation phase of the SKG scheme. Existing works have considered jamming attacks and formu- late these in game-theoretic form [283], [284]. However, they have not considered the close relationship between injection and jammming. The work in this chapter proposes an approach of the MiM attack that assumes that the adversary has one additional antenna with respect to the legitimate users. This is a generous assumption with respect to the adversary’s capabilities and reveals a critical vulnerability of SKG, that needs to be ad- dressed. As a countermeasure, this study proposes a concrete pilot randomisation scheme

using QPSK modulated random pilots. This work proves that the source of shared ran- domness remains Gaussian and that the adversary can no longer mount the MiM attack. An interesting conclusion of the analysis is that the MiM injection attack is reduced to a jamming attack when pilot randomisation is employed.

Next, motivated by the above result, DoS in the form of reactive jamming is stud- ied for BF-AWGN channels – used as an abstraction for orthogonal frequency division multiplexing (OFDM) modulation systems. The attacker’s optimal strategies are derived. In the present contribution it is assumed that the legitimate users blindly adopt a uniform power allocation policy, the level of which is optimally identified. The study demonstrates that a reactive jammer can have a far more serious impact on the SKG process compared to a simple active jammer.

Game theory

The optimal strategies within this chapter are identified through game-theoretic analysis (for more details on game theory please see Section 5.2.3). All of the scenarios, described in the previous item, are formulated as zero-sum games where legitimate parties and ad- versary are presented as players with opposite goals. The study within this chapter does not introduce any novelty in regards to game theory, instead it uses it as a tool to determine the best actions of all players (i.e., legitimate users and jammer).

The system model, depicted in Fig. 5.2, assumes two legitimate parties, referred to as Alice and Bob, and a active adversary, referred to as Mallory. This work assumes a Rayleigh multipath environment, where the legitimate parties communicate over a BF- AWGN channel, that comprises N subcarriers.