Abstract
Cybersecurity is a context in which at least two agents, namely a defender and an attacker, interact to achieve conflicting objectives. As such, its analysis with game theory is natural. Most game theoretic approaches for cybersecurity rely on analytical games described by a reward function depending on agent actions, and the goal is often to find equilibriums (e.g, Nash equilibrium). However, these techniques imply a new analysis for each particular system or network. Contrarily, defining Multi-Agent System (MAS) formalisms adapted to describe multi-step attacks can help generically design defense systems. Moreover, model checking defender strategic abilities in the MAS offers guarantees on active cyber defenses leveraged by the security team, including honeypots (i.e, deception mechanisms) and Moving Target Defenses (i.e, system reconfiguration). The existing formalisms do not capture all the aspects of active defenses, so we developed Capacity Alternating-time Temporal Logic to reason about strategic abilities under imperfect information of the agents’ capacities. During my thesis, we plan to explore further the use of MAS verification for active cybersecurity.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Alur, R., Henzinger, T.A., Kupferman, O.: Alternating- time temporal logic. English. J. ACM 49(5), 672–713 (2002). ISSN: 0004–5411. https://doi.org/10.1145/585265.585270
Aminof, B., et al.: Graded modalities in strategy logic. Inf. Comput. 261, 634–649 (2018). https://doi.org/10.1016/j.ic.2018.02.022
Ballot, G., et al.: Reasoning about moving target defense in attack modeling formalisms. In: Proceedings of the 9th ACM Workshop on Moving Target Defense. MTD 2022. Los Angeles, CA, USA: Association for Computing Machinery, pp. 55–65 (2022). ISBN: 9781450398787, https://doi.org/10.1145/3560828.3564009
Belardinelli, F., Ferrando, A., Malvone, V.: An abstraction-refinement framework for verifying strategic properties in multi-agent systems with imperfect information. Artif. Intell. 316, 103847 (2023). https://doi.org/10.1016/j.artint.2022.103847
Belardinelli, F., Lomuscio, A., Malvone, V.: An abstraction- based method for verifying strategic properties in multi-agent systems with imperfect information. In: The Thirty-Third AAAI Conference on Artificial Intelligence, AAAI 2019, Honolulu, Hawaii, USA, 2019. AAAI Press, pp. 6030–6037 (2019). https://doi.org/10.1609/aaai.v33i01.33016030
Belardinelli, F., Malvone, V.: A three-valued approach to strategic abilities under imperfect information. In: Calvanese, D., Erdem, E., Thielscher, M., (eds.) Proceedings of the 17th International Conference on Principles of Knowledge Representation and Reasoning, KR 2020, Rhodes, Greece, 2020, pp. 89–98 (2020). https://doi.org/10.24963/kr.2020/10
Belardinelli, F., et al.: Approximating perfect recall when model checking strategic abilities: theory and applications. J. Artif. Intell. Res. 73, 897–932 (2022). https://doi.org/10.1613/jair.1.12539
Belardinelli, F., et al.: Strategy logic with simple goals: tractable reasoning about strategies. In: Kraus, S., (ed.) Proceedings of the Twenty-Eighth International Joint Conference on Artificial Intelligence, IJCAI 2019, Macao, China, August 10–16, pp. 88–94 (2019). https://www.ijcai.org/, https://doi.org/10.24963/ijcai.2019/13
Dima, C., Tiplea, F.L.: Model-checking ATL under imperfect information and perfect recall semantics is undecidable. CoRR abs/1102.4225 (2011). https://hal.science/hal-01699948
Do, C.T et al.: Game theory for cyber security and privacy. ACM Comput. Surv. 50(2) (2017). ISSN: 0360–0300, https://doi.org/10.1145/3057268
Emerson, E.A., Clarke, E.M.: Using branching time temporal logic to synthesize synchronization skeletons. Sci. Comput. Program. 2(3), 241–266 (1982). ISSN: 0167–6423. https://doi.org/10.1016/0167-6423(83)90017-5, https://www.sciencedirect.com/science/article/pii/0167642383900175
Mogavero, F.., et al.: Reasoning about strategies: on the model-checking problem. ACM Trans. Comput. Logic 15(4), 34:1–34:47 (2014). https://doi.org/10.1145/2631917
Ferrando, A., Malvone, V.: Towards the verification of strategic properties in multi-agent systems with imperfect information. In: Agmon, N. (ed.) Proceedings of the 2023 International Conference on Autonomous Agents and Multiagent Systems, AAMAS 2023, London, United Kingdom, 29 May 2023–2, June 2023 ACM, 2023, pp. 793–801. https://doi.org/10.5555/3545946.3598713. URL: https://dl.acm.org/doi/10.5555/3545946.3598713
Fraunholz, D., Zimmermann, M., Schotten, H.D.: An adaptive honeypot configuration, deployment and maintenance strategy. In: 2017 19th International Conference on Advanced Communication Technology (ICACT), pp. 53–57 (2017). https://doi.org/10.23919/ICACT.2017.7890056
Van Der Hoek, W., Wooldridge, M.: Tractable multiagent planning for epistemic goals. In: The First International Joint Conference on Autonomous Agents & Multiagent Systems, AAMAS 2002, July 15–19, 2002, Bologna, Italy, Proceedings. ACM, pp. 1167–1174 (2002). https://doi.org/10.1145/545056.545095
Jamroga, W., van der Hoek, W.: Agents that know how to play. Fundamenta Informaticae 63(2–3), 185–219 (2004)
Jamroga, W., Malvone, V., Murano, A.: Natural strategic ability under imperfect information. In: Elkind, E., et al., (eds.) Proceedings of the 18th International Conference on Autonomous Agents and MultiAgent Systems, AAMAS 2019, Montreal, QC, Canada, May 13–17, 2019. International Foundation for Autonomous Agents and Multiagent Systems, pp. 962–970 (2019). http://dl.acm.org/citation.cfm?id=3331791
Mitre Att &ck. https://attack.mitre.org/. Accessed 30 Jan 01 2023
Mogavero, F., et al.: Reasoning about strategies: on the model-checking problem. English. ACM Trans. Comput. Logic 15(4), 1–47 (2014). ISSN: 1529–3785. https://doi.org/10.1145/2631917
Okhravi, H., et al.: Finding focus in the blur of moving-target techniques. IEEE Secur. Priv. 12(2), 16–26 (2014). https://doi.org/10.1109/MSP.2013.137
Pauna, A., Bica, I.: RASSH - reinforced adaptive SSH honeypot. In: 2014 10th International Conference on Communications (COMM). IEEE, pp. 1–6 (2014). https://doi.org/10.1109/ICComm.2014.6866707
Acknowledgement
This work was carried out within SEIDO Lab, a joint research laboratory covering research topics in the field of smart grids, e.g, distributed intelligence, service collaboration, cybersecurity, and privacy. It involves researchers from academia (Télécom Paris, Télécom SudParis, CNRS LAAS) and industry (EDF R &D).
The author thank Vadim Malvone, Jean Leneutre, and Youssef Laarouchi for their contribution to the work.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2023 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this paper
Cite this paper
Ballot, G. (2023). Capacity ATL: Reasoning About Agent Profiles and Applications to Cybersecurity. In: Malvone, V., Murano, A. (eds) Multi-Agent Systems. EUMAS 2023. Lecture Notes in Computer Science(), vol 14282. Springer, Cham. https://doi.org/10.1007/978-3-031-43264-4_34
Download citation
DOI: https://doi.org/10.1007/978-3-031-43264-4_34
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-43263-7
Online ISBN: 978-3-031-43264-4
eBook Packages: Computer ScienceComputer Science (R0)