Incentive-based modeling and inference of attacker intent, objectives, and strategies

Peng Liu; Wanyu Zang; Meng Yu

doi:10.1145/1053283.1053288

Incentive-based modeling and inference of attacker intent, objectives, and strategies

Peng Liu, Wanyu Zang, Meng Yu

Research output: Contribution to journal › Article › peer-review

152 Scopus citations

Abstract

Although the ability to model and infer attacker intent, objectives, and strategies (AIOS) may dramatically advance the literature of risk assessment, harm prediction, and predictive or proactive cyber defense, existing AIOS inference techniques are ad hoc and system or application specific. In this paper, we present a general incentive-based method to model AIOS and a game-theoretic approach to inferring AIOS. On one hand, we found that the concept of incentives can unify a large variety of attacker intents; the concept of utilities can integrate incentives and costs in such a way that attacker objectives can be practically modeled. On the other hand, we developed a game-theoretic AIOS formalization which can capture the inherent interdependency between AIOS and defender objectives and strategies in such a way that AIOS can be automatically inferred. Finally, we use a specific case study to show how attack strategies can be inferred in real-world attack-defense scenarios.

Original language	English (US)
Pages (from-to)	78-118
Number of pages	41
Journal	ACM Transactions on Information and System Security
Volume	8
Issue number	1
DOIs	https://doi.org/10.1145/1053283.1053288
State	Published - Feb 2005

All Science Journal Classification (ASJC) codes

Computer Science(all)
Safety, Risk, Reliability and Quality

Access to Document

10.1145/1053283.1053288

Cite this

@article{fb9d39caad004f48997c0c4dc793f549,

title = "Incentive-based modeling and inference of attacker intent, objectives, and strategies",

abstract = "Although the ability to model and infer attacker intent, objectives, and strategies (AIOS) may dramatically advance the literature of risk assessment, harm prediction, and predictive or proactive cyber defense, existing AIOS inference techniques are ad hoc and system or application specific. In this paper, we present a general incentive-based method to model AIOS and a game-theoretic approach to inferring AIOS. On one hand, we found that the concept of incentives can unify a large variety of attacker intents; the concept of utilities can integrate incentives and costs in such a way that attacker objectives can be practically modeled. On the other hand, we developed a game-theoretic AIOS formalization which can capture the inherent interdependency between AIOS and defender objectives and strategies in such a way that AIOS can be automatically inferred. Finally, we use a specific case study to show how attack strategies can be inferred in real-world attack-defense scenarios.",

author = "Peng Liu and Wanyu Zang and Meng Yu",

year = "2005",

month = feb,

doi = "10.1145/1053283.1053288",

language = "English (US)",

volume = "8",

pages = "78--118",

journal = "ACM Transactions on Information and System Security",

issn = "1094-9224",

publisher = "Association for Computing Machinery (ACM)",

number = "1",

}

TY - JOUR

T1 - Incentive-based modeling and inference of attacker intent, objectives, and strategies

AU - Liu, Peng

AU - Zang, Wanyu

AU - Yu, Meng

PY - 2005/2

Y1 - 2005/2

N2 - Although the ability to model and infer attacker intent, objectives, and strategies (AIOS) may dramatically advance the literature of risk assessment, harm prediction, and predictive or proactive cyber defense, existing AIOS inference techniques are ad hoc and system or application specific. In this paper, we present a general incentive-based method to model AIOS and a game-theoretic approach to inferring AIOS. On one hand, we found that the concept of incentives can unify a large variety of attacker intents; the concept of utilities can integrate incentives and costs in such a way that attacker objectives can be practically modeled. On the other hand, we developed a game-theoretic AIOS formalization which can capture the inherent interdependency between AIOS and defender objectives and strategies in such a way that AIOS can be automatically inferred. Finally, we use a specific case study to show how attack strategies can be inferred in real-world attack-defense scenarios.

AB - Although the ability to model and infer attacker intent, objectives, and strategies (AIOS) may dramatically advance the literature of risk assessment, harm prediction, and predictive or proactive cyber defense, existing AIOS inference techniques are ad hoc and system or application specific. In this paper, we present a general incentive-based method to model AIOS and a game-theoretic approach to inferring AIOS. On one hand, we found that the concept of incentives can unify a large variety of attacker intents; the concept of utilities can integrate incentives and costs in such a way that attacker objectives can be practically modeled. On the other hand, we developed a game-theoretic AIOS formalization which can capture the inherent interdependency between AIOS and defender objectives and strategies in such a way that AIOS can be automatically inferred. Finally, we use a specific case study to show how attack strategies can be inferred in real-world attack-defense scenarios.

UR - http://www.scopus.com/inward/record.url?scp=16644384919&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=16644384919&partnerID=8YFLogxK

U2 - 10.1145/1053283.1053288

DO - 10.1145/1053283.1053288

M3 - Article

AN - SCOPUS:16644384919

SN - 1094-9224

VL - 8

SP - 78

EP - 118

JO - ACM Transactions on Information and System Security

JF - ACM Transactions on Information and System Security

IS - 1

ER -

Incentive-based modeling and inference of attacker intent, objectives, and strategies

Abstract

All Science Journal Classification (ASJC) codes

Access to Document

Other files and links

Fingerprint

Cite this