TY - CHAP
T1 - Towards High-Resolution Multi-Stage Security Games
AU - Laszka, Aron
AU - Koutsoukos, Xenofon
AU - Vorobeychik, Yevgeniy
N1 - Publisher Copyright:
© 2019, This is a U.S. government work and not under copyright protection in the U.S.; foreign copyright protection may apply.
PY - 2019
Y1 - 2019
N2 - In recent years, we have seen a large number of cyber-incidents, which demonstrated how difficult it is to prevent cyber-breaches when facing determined and sophisticated attackers. In light of this, it is clear that defenders need to look beyond the first lines of defense and invest not only in prevention, but also in limiting the impact of cyber-breaches. Thus, an effective cyber-defense must combine proactive defense, which aims to block anticipated attacks, with reactive defense, which responds to and mitigates perceived attacks (e.g., isolating and shutting down compromised components). However, planning defensive actions in anticipation of and in response to strategic attacks is a challenging problem. Prior work has introduced a number of game-theoretic security models for planning defensive actions, such as Stackelberg security games, but these models do not address the overarching problem of proactive and reactive defenses in sufficient detail. To bridge this gap, we introduce a modeling approach for building high-resolution multi-stage security games. We describe several approaches for modeling proactive and reactive defenses, consider key modeling choices and challenges, and discuss finding optimal defense policies. With our study, we aim to lay conceptual foundations for developing realistic models of cyber-security that researchers and practitioners can use for effective cyber-defense.
UR - http://www.scopus.com/inward/record.url?scp=85066431001&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85066431001&partnerID=8YFLogxK
U2 - 10.1007/978-3-030-10597-6_6
DO - 10.1007/978-3-030-10597-6_6
M3 - Chapter
AN - SCOPUS:85066431001
T3 - Advances in Information Security
SP - 139
EP - 161
BT - Advances in Information Security
PB - Springer New York LLC
ER -