An analytic approach to cyber adversarial dynamics

To date, cyber security investment by both the government and commercial sectors has been largely driven by the myopic best response of players to the actions of their adversaries and their perception of the adversarial environment. However, current work in applying traditional game theory to cyber operations typically assumes that games exist with prescribed moves, strategies, and payoffs. This paper presents an analytic approach to characterizing the more realistic cyber adversarial metagame that we believe is being played. Examples show that understanding the dynamic metagame provides opportunities to exploit an adversary's anticipated attack strategy. A dynamic version of a graph-based attack-defend game is introduced, and a simulation shows how an optimal strategy can be selected for success in the dynamic environment.
