Biblio

Mitigating cyber threats requires adequate understanding of the attacker characteristics in particular their patterns. Such knowledge is essential in addressing the defensive measures that mitigate the attack. If the attacker enters in the network system, the game tree model generates resources by to counter such threat. This is done by altering the parity in the next game tree iteration which yield an adequate response to counter it. If an attacker enters a network system, and a game tree models the resources he must interface with, then that game tree can be altered, by changing the parity on the next to last iteration. This paper analyzes the sequence of patterns based on incoming attacks. The detection of attacker’s pattern and subsequent changes in iterations to counter threat can be viewed as adequate resource or know how in cyber threat mitigations It was realized that changing the game tree of the hacker deprives the attacker of network resources and hence would represent a defensive measure against the attack; that is changing varying or understanding attacker paths, creates an effective defensive measure to protect the system against the incoming threats.. In this paper we analyze a unique combination of CFR and MCTS that attempts to detect the behavior of a hacker. Counterfactual Regret (CFR) is a game theory concept that helps identify patterns of attacks. The pattern recognition concept of Monte Carlo Tree Search (MCTS) is used in harmony with CFR in order to enhance the detection of attacks.

The reliability of nuclear command, control and communications has long been identified as a critical component of the strategic stability among nuclear states. Advances in offensive cyber weaponry have the potential to negatively impact this reliability, threatening strategic stability. In this paper we present a game theoretic model of preemptive cyber attacks against nuclear command, control and communications. The model is a modification of the classic two-player game of Chicken, a standard game theoretic model for nuclear brinksmanship. We fully characterize equilibria in both the complete information game and two distinct two-sided incomplete information games. We show that when both players have advanced cyber capabilities conflict is more likely in equilibrium, regardless of information structure. On the other hand, when at most one player has advanced cyber capabilities, strategic stability depends on the information structure. Under complete information, asymmetric cyber capabilities have a stabilizing effect in which the player with strong cyber has the resolve to stand firm in equilibrium. Under incomplete information, asymmetric cyber capabilities can have both stabilizing and destabilizing effects depending on prior beliefs over opponent cyber capabilities.