Optimal cyber-defense strategies for advanced persistent threats: A game theoretical analysis

Jeffrey Acquaviva, Mark Mahon, Bruce Einfalt, Tom Laporta

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

3 Scopus citations

Abstract

We introduce a novel mathematical model that treats network security as a game between cyber attackers and network administrators. The model takes the form of a zero-sum repeated game where each sub-game corresponds to a possible state of the attacker. Our formulation views state as the set of compromised edges in a graph, as opposed to the more traditional node-based view. This provides a more expressive model since it allows the defender to anticipate the direction of attack. Both players move independently and in continuous time, allowing for the possibility of one player moving several times before the other does. This model shows that defense-in-depth is not always a rational strategy for budget-constrained network administrators. Furthermore, a defender can dissuade a rational attacker from attempting to attack a network if the defense budget is sufficiently high. This means that a network administrator does not need to make their system completely free of vulnerabilities; they only need to ensure the penalties for being caught outweigh the potential rewards gained.

Original language: English (US)
Title of host publication: Proceedings - 2017 IEEE 36th International Symposium on Reliable Distributed Systems, SRDS 2017
Publisher: IEEE Computer Society
Pages: 204-213
Number of pages: 10
ISBN (Electronic): 9781538616796
State: Published - Oct 13 2017
Event: 36th IEEE International Symposium on Reliable Distributed Systems, SRDS 2017 - Hong Kong, Hong Kong
Duration: Sep 26 2017 - Sep 29 2017

Publication series

Name: Proceedings of the IEEE Symposium on Reliable Distributed Systems
Volume: 2017-September
ISSN (Print): 1060-9857

Other

Other: 36th IEEE International Symposium on Reliable Distributed Systems, SRDS 2017
Country/Territory: Hong Kong
City: Hong Kong
Period: 9/26/17 - 9/29/17

All Science Journal Classification (ASJC) codes

  • Software
  • Theoretical Computer Science
  • Hardware and Architecture
  • Computer Networks and Communications
