Optimal Cyber-Defense Strategies for Advanced Persistent Threats: A Game Theoretical Analysis
Title | Optimal Cyber-Defense Strategies for Advanced Persistent Threats: A Game Theoretical Analysis |
Publication Type | Conference Paper |
Year of Publication | 2017 |
Authors | Acquaviva, J., Mahon, M., Einfalt, B., LaPorta, T. |
Conference Name | 2017 IEEE 36th Symposium on Reliable Distributed Systems (SRDS) |
Keywords | advanced persistent threats, budget constrained network administrators, Cognition, Cyber attack modeling, cyber attackers, Data models, defense budget, Exponential distribution, expressive model, game theoretical analysis, game theory, Games, graph edges, Human Behavior, Mathematical model, Metrics, network administrator, Network security, optimal cyber-defense strategies, pubcrawl, rational attacker, rational strategy, resilience, Resiliency, Scalability, security, security of data, Zero-Sum Games, zero-sum repeated game |
Abstract | We introduce a novel mathematical model that treats network security as a game between cyber attackers and network administrators. The model takes the form of a zero-sum repeated game where each sub-game corresponds to a possible state of the attacker. Our formulation views state as the set of compromised edges in a graph as opposed to the more traditional node-based view. This provides a more expressive model since it allows the defender to anticipate the direction of attack. Both players move independently and in continuous time allowing for the possibility of one player moving several times before the other does. This model shows that defense-in-depth is not always a rational strategy for budget constrained network administrators. Furthermore, a defender can dissuade a rational attacker from attempting to attack a network if the defense budget is sufficiently high. This means that a network administrator does not need to make their system completely free of vulnerabilities; they only need to ensure the penalties for being caught outweigh the potential rewards gained. |
URL | http://ieeexplore.ieee.org/document/8069083/ |
DOI | 10.1109/SRDS.2017.29 |
Citation Key | acquaviva_optimal_2017 |