Abstract
We investigate an adaptive cyber-defense scenario, where an attacker’s ability to compromise a targeted server increases progressively with probing, and the defender can erase attacker progress through a moving-target technique. The environment includes multiple resources, interdependent preferences, and asymmetric stealth. By combining systematic simulation over a strategy space with game-theoretic analysis, we identify equilibria for six versions of this environment. The results show how strategic outcomes vary qualitatively with environment conditions, and demonstrate the value of reliable probe detection in setting up an effective deterrent to attack.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Cheng, S.F., Wellman, M.P.: Iterated weaker-than-weak dominance. In: 20th International Joint Conference on Artificial Intelligence, Hyderabad, pp. 1233–1238 (2007)
van Dijk, M., Juels, A., Oprea, A., Rivest, R.L.: FlipIt: The game of “stealthy takeover”. Journal of Cryptology 26, 655–713 (2013)
Duong, Q., LeFevre, K., Wellman, M.P.: Strategic modeling of information sharing among data privacy attackers. Informatica 34, 151–158 (2010)
Evans, D., Nguyen-Tuong, A., Knight, J.: Effectiveness of moving target defenses. In: Jajodia, et al. (2011)
Jajodia, S., Ghosh, A.K., Swarup, V., Wang, C., Wang, X.S. (eds.): Moving Target Defense: Creating Asymmetric Uncertainty for Cyber Threats. Springer (2011)
Knuth, D.E., Papadimitriou, C.H., Tsitsiklis, J.N.: A note on strategy elimination in bimatrix games. Operations Research Letters 7, 103–107 (1988)
Laszka, A., Horvath, G., Felegyhazi, M., Buttyán, L.: FlipThem: Modeling targeted attacks with FlipIt for multiple resources. In: Poovendran, R., Saad, W. (eds.) GameSec 2014. LNCS, vol. 8840, pp. 173–192. Springer, Heidelberg (2014)
Laszka, A., Johnson, B., Grossklags, J.: Mitigating covert compromises: A game-theoretic model of targeted and non-targeted covert attacks. In: Chen, Y., Immorlica, N. (eds.) WINE 2013. LNCS, vol. 8289, pp. 319–332. Springer, Heidelberg (2013b)
Laszka, A., Johnson, B., Grossklags, J.: Mitigation of targeted and non-targeted covert attacks as a timing game. In: Das, S.K., Nita-Rotaru, C., Kantarcioglu, M. (eds.) GameSec 2013. LNCS, vol. 8252, pp. 175–191. Springer, Heidelberg (2013c)
McKelvey, R.D., McLennan, A.M., Turocy, T.L.: Gambit: Software tools for game theory, version 13.1.2 (2014), www.gambit-project.org
Okhravi, H., Hobson, T., Bigelow, D., Streilein, W.: Finding focus in the blur of moving-target techniques. IEEE Security and Privacy 12(2), 16–26 (2014)
Pfleeger, C.P., Pfleeger, S.L.: Analyzing Computer Security: A Threat/Vulnerability/Countermeasure Approach. Prentice Hall (2012)
Pham, V., Cid, C.: Are we compromised? Modelling security assessment games. In: Grossklags, J., Walrand, J. (eds.) GameSec 2012. LNCS, vol. 7638, pp. 234–247. Springer, Heidelberg (2012)
Wellman, M.P.: Methods for empirical game-theoretic analysis (extended abstract). In: 21st National Conference on Artificial Intelligence, Boston, pp. 1552–1555 (2006)
Wellman, M.P., Kim, T.H., Duong, Q.: Analyzing incentives for protocol compliance in complex domains: A case study of introduction-based routing. In: Twelfth Workshop on the Economics of Information Security (2013)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2014 Springer International Publishing Switzerland
About this paper
Cite this paper
Wellman, M.P., Prakash, A. (2014). Empirical Game-Theoretic Analysis of an Adaptive Cyber-Defense Scenario (Preliminary Report). In: Poovendran, R., Saad, W. (eds) Decision and Game Theory for Security. GameSec 2014. Lecture Notes in Computer Science, vol 8840. Springer, Cham. https://doi.org/10.1007/978-3-319-12601-2_3
Download citation
DOI: https://doi.org/10.1007/978-3-319-12601-2_3
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-12600-5
Online ISBN: 978-3-319-12601-2
eBook Packages: Computer ScienceComputer Science (R0)