Empirical Game-Theoretic Analysis of an Adaptive Cyber-Defense Scenario (Preliminary Report)

Wellman, Michael P.; Prakash, Achintya

doi:10.1007/978-3-319-12601-2_3

Michael P. Wellman¹⁷ &
Achintya Prakash¹⁷

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 8840))

Included in the following conference series:

International Conference on Decision and Game Theory for Security

2004 Accesses
9 Citations

Abstract

We investigate an adaptive cyber-defense scenario, where an attacker’s ability to compromise a targeted server increases progressively with probing, and the defender can erase attacker progress through a moving-target technique. The environment includes multiple resources, interdependent preferences, and asymmetric stealth. By combining systematic simulation over a strategy space with game-theoretic analysis, we identify equilibria for six versions of this environment. The results show how strategic outcomes vary qualitatively with environment conditions, and demonstrate the value of reliable probe detection in setting up an effective deterrent to attack.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 39.99; Price excludes VAT (USA)

Softcover Book: USD 54.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

References

Cheng, S.F., Wellman, M.P.: Iterated weaker-than-weak dominance. In: 20th International Joint Conference on Artificial Intelligence, Hyderabad, pp. 1233–1238 (2007)
Google Scholar
van Dijk, M., Juels, A., Oprea, A., Rivest, R.L.: FlipIt: The game of “stealthy takeover”. Journal of Cryptology 26, 655–713 (2013)
Article MATH Google Scholar
Duong, Q., LeFevre, K., Wellman, M.P.: Strategic modeling of information sharing among data privacy attackers. Informatica 34, 151–158 (2010)
MATH Google Scholar
Evans, D., Nguyen-Tuong, A., Knight, J.: Effectiveness of moving target defenses. In: Jajodia, et al. (2011)
Google Scholar
Jajodia, S., Ghosh, A.K., Swarup, V., Wang, C., Wang, X.S. (eds.): Moving Target Defense: Creating Asymmetric Uncertainty for Cyber Threats. Springer (2011)
Google Scholar
Knuth, D.E., Papadimitriou, C.H., Tsitsiklis, J.N.: A note on strategy elimination in bimatrix games. Operations Research Letters 7, 103–107 (1988)
Article MathSciNet MATH Google Scholar
Laszka, A., Horvath, G., Felegyhazi, M., Buttyán, L.: FlipThem: Modeling targeted attacks with FlipIt for multiple resources. In: Poovendran, R., Saad, W. (eds.) GameSec 2014. LNCS, vol. 8840, pp. 173–192. Springer, Heidelberg (2014)
Google Scholar
Laszka, A., Johnson, B., Grossklags, J.: Mitigating covert compromises: A game-theoretic model of targeted and non-targeted covert attacks. In: Chen, Y., Immorlica, N. (eds.) WINE 2013. LNCS, vol. 8289, pp. 319–332. Springer, Heidelberg (2013b)
Chapter Google Scholar
Laszka, A., Johnson, B., Grossklags, J.: Mitigation of targeted and non-targeted covert attacks as a timing game. In: Das, S.K., Nita-Rotaru, C., Kantarcioglu, M. (eds.) GameSec 2013. LNCS, vol. 8252, pp. 175–191. Springer, Heidelberg (2013c)
Chapter Google Scholar
McKelvey, R.D., McLennan, A.M., Turocy, T.L.: Gambit: Software tools for game theory, version 13.1.2 (2014), www.gambit-project.org
Okhravi, H., Hobson, T., Bigelow, D., Streilein, W.: Finding focus in the blur of moving-target techniques. IEEE Security and Privacy 12(2), 16–26 (2014)
Article Google Scholar
Pfleeger, C.P., Pfleeger, S.L.: Analyzing Computer Security: A Threat/Vulnerability/Countermeasure Approach. Prentice Hall (2012)
Google Scholar
Pham, V., Cid, C.: Are we compromised? Modelling security assessment games. In: Grossklags, J., Walrand, J. (eds.) GameSec 2012. LNCS, vol. 7638, pp. 234–247. Springer, Heidelberg (2012)
Chapter Google Scholar
Wellman, M.P.: Methods for empirical game-theoretic analysis (extended abstract). In: 21st National Conference on Artificial Intelligence, Boston, pp. 1552–1555 (2006)
Google Scholar
Wellman, M.P., Kim, T.H., Duong, Q.: Analyzing incentives for protocol compliance in complex domains: A case study of introduction-based routing. In: Twelfth Workshop on the Economics of Information Security (2013)
Google Scholar

Download references

Author information

Authors and Affiliations

University of Michigan, Ann Arbor, MI, USA
Michael P. Wellman & Achintya Prakash

Authors

Michael P. Wellman
View author publications
You can also search for this author in PubMed Google Scholar
Achintya Prakash
View author publications
You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

Electrical Engineering Department, Network Securitiy Lab, University of Washington, Box 352500, 98195-2055, Seattle, WA, USA
Radha Poovendran
Department of Electrical and Computer Engineering, Virginia Tech, Whittmore Hall 302, 1185 Perry Street, 24061, Blacksburg, VA, USA
Walid Saad

Rights and permissions

Reprints and permissions

Copyright information

About this paper

Cite this paper

Wellman, M.P., Prakash, A. (2014). Empirical Game-Theoretic Analysis of an Adaptive Cyber-Defense Scenario (Preliminary Report). In: Poovendran, R., Saad, W. (eds) Decision and Game Theory for Security. GameSec 2014. Lecture Notes in Computer Science, vol 8840. Springer, Cham. https://doi.org/10.1007/978-3-319-12601-2_3

Download citation

DOI: https://doi.org/10.1007/978-3-319-12601-2_3
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-12600-5
Online ISBN: 978-3-319-12601-2
eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Empirical Game-Theoretic Analysis of an Adaptive Cyber-Defense Scenario (Preliminary Report)