Abstract

In this paper, the defense against Advanced Persistent Threats (APTs) for the Internet of Things (IoT) is analyzed under inaccurate APT detection, i.e., both the miss detection rate and the false alarm rate of the APT detection are considered. We formulate an expert system (ES)-based APT detection game, in which an expert double-checks the suspicious behavior or potential APT attackers reported by the autonomous and inaccurate APT detection system. The Nash equilibrium of the APT detection game for IoT with ES is derived, revealing the influence of the APT detection accuracy on the utilities of the IoT system and the attacker. We propose a Q-learning-based APT detection method for the IoT system with ES in the dynamic game to obtain the optimal strategy without knowledge of the attack model. Simulation results show that the proposed APT detection scheme can efficiently use the knowledge of the expert system to improve the defender's utility and increase the security level of the IoT device compared with the benchmark detection scheme.
