Equipment classification based differential game method for advanced persistent threats in Industrial Internet of Things

Abstract

This paper is dedicated to solving the problem of Advanced Persistent Threat (APT) attack and defense in the Industrial Internet of Things (IIoT). Due to the diversity of IIoT equipment and the inconsistency of protection capabilities, it is difficult for the existing uniform defense strategy and the random defense strategy to achieve ideal results. Considering that both attackers and defenders aim to achieve maximum benefits by paying the minimum cost, as well as the differences between devices, this paper proposes an equipment classification based differential game method for APT in IIoT. Firstly, all equipment is divided into two categories according to their protective capabilities. Secondly, the APT attack and defense process is mathematically described, and the corresponding differential game problem is formulated and analyzed theoretically. Finally, the theoretical results of this method are verified by various experiments, including the comparisons with the uniform defense strategy, the random defense strategy, and the latest model.