The following is a project Dr. Sayin involved in during his doctoral studies.
ADAPT: Analytical Framework for Actionable Defense against Advanced Persistent Threats
This project is a multidisciplinary university research initiative (including research groups from the University of Washington, University of Illinois at Urbana-Champaign, University of California Santa Barbara, Georgia Institute of Technology) to develop a novel game-theoretical framework to address the continuous computer hacking attacks, known as advanced persistent threats.
In this project, Dr. Sayin collaborated with the research group at the University of Washington to develop new security measures in computer systems that are actionable and grounded on game-theoretical guarantees. Previous studies addressed this issue via heuristic methods or analyzed it in very stylized models without providing an actionable defense measure. Instead, we presented a controlled hierarchical scheme to balance the trade-off between the model’s scalability and descriptiveness. The hierarchical method ensures that we can decompose the entire game into nested local sub-games whose outcomes determine the higher levels’ configurations. Therefore, we could compute minimax-optimal detection strategies via a dynamic program efficiently. Further details can be found in the following chapter.
- M. O. Sayin, D. Sahabandu, M. A. Zaman, R. Poovendran, and T. Başar. Minimax Detection (MAD) for Computer Security: A Dynamic Program Characterization. In C. A. Kamhoua, C. D. Kiekintveld, F. Fang, Q. Zhu (Eds.). Game Theory and Machine Learning for Cyber Security, Wiley-IEEE Press, 2021. [Chapter]
He studied the theoretical foundation of how intelligent and autonomous decision-makers (including humans or human-like artificial intelligence) would share their strategic information with others in complex and dynamic environments, e.g., for deception or privacy. He developed solution concepts solving the associated infinite-dimensional optimization problem by reducing it to a finite-dimensional one without loss of generality. This enables the use of existing numerical solvers to attain globally optimum solution in this challenging optimization problem. See the following representative papers:
- M. O. Sayin and T. Başar, “Bayesian Persuasion with State-Dependent Quadratic Cost Measures,” IEEE Trans. Automatic Control, 2021.
- M. O. Sayin, E. Akyol, and T. Başar, “Hierarchical Multi-stage Gaussian Signaling Games in Noncooperative Communication and Control Systems,” Automatica, 2019.
He also studied strategic communication applications for security of cyber-physical systems. Cyber connections have brought in new security challenges in control systems where attackers can manipulate control systems at unprecedented levels with various malicious tasks. However, attackers take actions driven by and compatible with their objective and information available to them. Manipulation of this information can be a security measure to persuade attackers to attack the system inadvertently in a way in-line with the system’s objective. For example, we can encode the sensor output strategically as illustrated in the figure. See the following representative papers.
- M. O. Sayin and T. Başar. Deception-As-Defense Framework for Cyber-Physical Systems. In A. Teixeira and R. Ferrari (Eds.). Safety, Security, and Privacy for Cyber-Physical Systems, Springer Nature, 2021. [Chapter]
- M. O. Sayin and T. Başar, “Persuasion-based Robust Sensor Design Against Attackers with Unknown Control Objectives,” IEEE Trans. Automatic Control, 2021