Abstract
Cyber-war is a growing form of threat to our society that involves multiple players executing simultaneously offensive and defensive operations. Given that cyber space is hyper dimensional and dynamic, human decision making must also incorporate numerous attributes and must be agile and adaptive. In this chapter, we review how computational models of human cognition can be scaled up from an individual model of a defender operating in a hostile environment, through a pair of models representing a defender and an attacker to multi-agents in a cyber-war. Following, we propose to study the decision making processes that drive the dynamics of cyber-war using a multi-agent model comprising of cognitive agents that learn to make decisions according to Instance-Based Learning Theory (IBLT). In this paradigm, the CyberWar game, assets and power are two key attributes that influence the decisions of agents. Assets represent the key resource that an agent is protecting from attacks while power represents technical prowess of an agent’s cyber security. All the agents share the same goal of maximizing their assets and they learn from experience to attack other agents and defend themselves in order to meet this goal. Importantly, they don’t learn by using predefined strategies, as many multi-agent models do, but instead they learn from experience according to the situation and actions of others, as suggested by the IBLT’s process. This chapter contributes to current research by: proposing a novel paradigm to study behavior in cyber-war, using a well-known cognitive model of decisions from experience to predict what possible human behavior would be in a simulated cyber-war, and demonstrating novel predictions regarding the effects of power and assets, two main contributors to cyber-war.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsReferences
Alpcan T, Baar T (2010) Network security: A decision and game-theoretic approach. Cambridge University Press, Cambridge
Ben-Asher N, Dutt V, Gonzalez C (2013a) Accounting for integration of descriptive and experiential information in a repeated prisoner’s dilemma using an instance-based learning model. In: Kennedy B, Reitter D, Amant RS (eds) Proceedings of the 22nd Annual Conference on Behavior Representation in Modeling and Simulation, Ottawa, Canada, BRIMS Society
Ben-Asher N, Lebiere C, Oltramari A, Gonzalez C (2013b) Balancing fairness and efficiency in repeated societal interaction. In: Proceedings of the 35th Annual Meeting of the Cognitive Science Society, Humboldt Universität, Berlin, 31 July-3 August 2013
Bush RR, Mosteller F (1955) Stochastic models for learning. John Wiley & Sons: Oxford
Dutt V, Yamaguchi M, Gonzalez C, Proctor RW (2009) An instance-based learning model of stimulus-response compatibility effects in mixed location-relevant and location-irrelevant tasks. In: Howes A, Peebles D, Cooper R (eds) Proceedings of the 9th International Conference on Cognitive Modeling, Manchester, 24–26 July 2009
Dutt V, Ahn Y-S, Gonzalez C (2011). Cyber situation awareness: Modeling the security analyst in a cyber-attack scenario through instance-based learning. In: Li Y (ed) Lecture notes in computer science, vol 6818. Springer, Heidelberg, p 281–293
Dutt V, Ahn Y-S, Ben-Asher N, Gonzalez C (2012) Modeling the effects of base-rate on cyber threat detection performance. In: Rußwinkel N, Drewitz U, van Rijn H (eds) Proceedings of the 11th International Conference on Cognitive Modeling (ICCM 2012). Universitaetsverlag der TU, Berlin, p 88–93
Erev I, Roth AE (1998) Predicting how people play games: Reinforcement learning in experimental games with unique, mixed strategy equilibria. Am Econ Rev 88(4):848–881
Erev I, Glozman I, Hertwig R (2008) What impacts the impact of rare events. J Risk Uncertainty 36(2):153–177. doi:10.1007/s11166–008-9035-z
Erev I, Haruvy E (in press) Learning and the economics of small decisions. In: Kagel JH, Roth AE (eds) The handbook of experimental economics, vol 2. Princeton University Press, Princeton
Farwell JP, Rohozinski R (2011) Stuxnet and the future of cyber war. Survival 53(1):23–40. doi:10.1080/00396338.2011.555586
Gonzalez C, Dutt V (2010) Instance-based learning models of training. Proc Hum Fact Erg Soc An 54(27):2319–2323. doi:10.1177/154193121005402721
Gonzalez C, Lebiere C (2005) Instance-based cognitive models of decision making. In: Zizzo D, Courakis A (eds) Transfer of knowledge in economic decision-making. Macmillan, New York, p 148–165
Gonzalez C, Lerch JF, Lebiere C (2003). Instance-based learning in dynamic decision making. Cognitive Sci 27(4):591–635. doi:10.1016/S0364-0213(03)00031-4
Gonzalez C, Best BJ, Healy AF, Bourne LE Jr, Kole JA (2010) A cognitive modeling account of simultaneous learning and fatigue effects. J Cogn Sys Res 12(1):19–32. doi:10.1016/j.cogsys.2010.06.004
Gonzalez C, Ben-Asher N, Martin JM, Dutt V (2014a) Emergence of cooperation with increased information: Explaining the process with an instance-based learning model. Cognitive Sci (in press)
Gonzalez C, Ben-Asher N, Oltramari A, Lebiere C (2014b) Cognitive Models of Cyber Situation Awareness and Decision Making. In: Wang C, Kott A, Erbacher R (eds) Cyber defense and situational awareness. Springer, (in press
Hazon N, Chakraborty N, Sycara K (2011) Game theoretic modeling and computational analysis of n-player conflicts over resources. In:Proceedings of the 2011 IEEE International Conference on Privacy, Security, Risk and Trust and IEEE International Conference on Social Computing. IEEE, Los Alamitos, p 380–387. doi:10.1109/PASSAT/SocialCom.2011.178
Hertwig R, Barron G, Weber EU, Erev I (2004) Decisions from experience and the effect of rare events in risky choice. Psychol Sci 15(8):534–539. doi:10.1111/j.0956–7976.2004.00715.x
Hertwig, R, Barron G, Weber EU, Erev I (2006) The role of information sampling in risky choice. In: Fiedler K, Juslin P (eds) Information sampling and adaptive cognition. Cambridge University Press, New York, p 72–91
Kennedy WG, Hailegiorgis AB, Rouleau M, Bassett JK, Coletti M, Balan GC, Gulden T (2010) An agent-based model of conflict in East Africa and the effect of watering holes. In: Proceedings of the 19th Conference on Behavior Representation in Modeling and Simulation (BRiMS), p 112–119
Kotenko I (2005) Agent-based modeling and simulation of cyber-warfare between malefactors and security agents in internet. In: Merkuryev Y, Zobel R, Kerckhoffs E (eds) Proceedings of 19th European conference on modeling and simulation, Riga Technical University, Riga, 1–4 June 2005
Kotenko I (2007) Multi-agent modelling and simulation of cyber-attacks and cyber-defense for homeland security. In: Proceedings of the 4th IEEE workshop on intelligent data acquisition and advanced computing systems: technology and applications. IEEE, Los Alamitos, p 614–619
Lebiere C, Gonzalez C, Martin M (2007) Instance-based decision making model of repeated binary choice. In: Lewis RL, Polk TA, Laird JE (eds) Proceedings of the 8th International Conference on Cognitive Modeling. Ann Arbor, p 67–72
Lejarraga T, Dutt V, Gonzalez C (2010) Instance-based learning in repeated binary choice. Paper presented at the 31st Annual Conference of the Society for Judgement and Decision Making, St. Louis, 19–22 November 2010
Lejarraga T, Dutt V, Gonzalez C (2012) Instance-based learning: A general model of repeated binary choice. J Behav Decis Making 25(2):143–153
March JG (1996) Learning to be risk averse. Psychol Rev 103(2):309–319. doi:10.1037/0033-295X.103.2.309
Martin MK, Gonzalez C, Lebiere C (2004) Learning to make decisions in dynamic environments: ACT-R plays the beer game. In: Lovett MC, Schunn CD, Lebiere C, Munro P (eds) Proceedings of the Sixth International Conference on Cognitive Modeling, vol 420. Lawrence Erlbaum Associates Publishers, p 178–183
Martin JM, Juvina I, Lebiere C, Gonzalez C (2011) The effects of individual and context on aggression in repeated social interaction. In: Harris D (ed) Engineering psychology and cognitive ergonomics, HCII 2011, LNAI, vol 6781. Springer-Verlag, Berlin, p 442–451
Oltramari A, Lebiere C, Ben-Asher N, Juvina I, Gonzalez C (2013) Modeling strategic dynamics under alternative information conditions. In: West RL, Stewart TC (eds) Proceedings of the 12th international conference on cognitive modeling. ICCM, p 390–395
Roth AE, Erev I (1995) Learning in extensive-form games: Experimental data and simple dynamic models in the intermediate term. Game Econ Behav 8(1):164–212. doi:10.1016/S0899-8256(05)80020-X
Roy S, Ellis C, Shiva S, Dasgupta D, Shandilya V, Wu Q (2010) A survey of game theory as applied to network security. In: Sprague RH Jr. (ed) Proceedings of the 43rd Hawaii international conference on system sciences. IEEE: Los Alamitos
Shiva S, Roy S, Dasgupta D (2010). Game theory for cyber security. In: Sheldon FT, Prowell S, Abercrombie RK, Krings A (eds) Proceedings of the Sixth Annual Workshop on Cyber Security and Information Intelligence Research. ACM, New York, p 34
Sun R (2006) The CLARION cognitive architecture: Extending cognitive modeling to social simulation. In: Sun R (ed) Cognition and multi-agent interaction: From cognitive modeling to social simulation. Cambridge University Press, New York, p 79–99
Vigna G (2003) Teaching hands-on network security: Testbeds and live exercises. J Inf Warfare 3(2):8–25.
Wilensky U (1999) NetLogo.http://ccl.northwestern.edu/netlogo/. Center for Connected Learning and Computer-Based Modeling, Northwestern University, Evanston.
Acknowledgments
This research was partly supported by a Multidisciplinary University Research Initiative Award (MURI; # W911NF-09-1-0525) from Army Research Office and by the Army Research Laboratory under Cooperative Agreement Number W911NF-13-2-0045 (ARL Cyber Security CRA). The views and conclusions contained in this document are those of the authors and should not be interpreted as representing the official policies, either expressed or implied, of the Army Research Laboratory or the U.S. Government. The U.S. Government is authorized to reproduce and distribute reprints for Government purposes notwithstanding any copyright notation here on. The authors would like to thank Hau-yu Wong, Dynamic Decision Making Laboratory, for help with editorial work in the paper. We also would like to thank Prashanth Rajivan for supporting the implementation of the Netlogo model and helpful inputs.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2015 Springer International Publishing Switzerland
About this chapter
Cite this chapter
Ben-Asher, N., Gonzalez, C. (2015). CyberWar Game: A Paradigm for Understanding New Challenges of Cyber War. In: Jajodia, S., Shakarian, P., Subrahmanian, V., Swarup, V., Wang, C. (eds) Cyber Warfare. Advances in Information Security, vol 56. Springer, Cham. https://doi.org/10.1007/978-3-319-14039-1_10
Download citation
DOI: https://doi.org/10.1007/978-3-319-14039-1_10
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-14038-4
Online ISBN: 978-3-319-14039-1
eBook Packages: Computer ScienceComputer Science (R0)