Applying Game Theory to Cyberattacks and Defenses
Behzad Zare Moayedi, Mohammad Abdollahi Azgomi, “A Game Theoretic Framework for Evaluation of the Impacts of Hackers Diversity on Security Measures,” Reliability Engineering & System Safety, 99 (2012): 45-54 (full article behind paywall).
Abstract: Game theoretical methods offer new insights into quantitative evaluation of dependability and security. Currently, there is a wide range of useful game theoretic approaches to model the behaviour of intelligent agents. However, it is necessary to revise these approaches if there is a community of hackers with significant diversity in their behaviours. In this paper, we introduce a novel approach to extend the basic ideas of applying game theory in stochastic modelling. The proposed method classifies the community of hackers based on two main criteria used widely in hacker classifications, which are motivation and skill. We use Markov chains to model the system and compute the transition rates between the states based on the preferences and the skill distributions of hacker classes. The resulting Markov chains can be solved to obtain the desired security measures. We also present the results of an illustrative example using the proposed approach, which examines the relation between the attributes of the community of hackers and the security measures.
Malachi J • January 2, 2012 7:25 AM
Since I’m a PhD student whose research is in cyber security and game theory, I’ve seen papers like this quite a lot. This one, like many, seems to suffer from the same basic flaw. (I used my university access to see the full version of this paper.)
The flaw is that they propose some framework to model these cyber security problems, but because of the computational complexity of solving these problems, they only consider very simple examples.
This would be ok if you could take the analysis of this simple problem and make some general statements that provide insight into the bigger problems. But with this setup and many others, you can’t make these generalizations.
Therefore, I feel the value add for these types of theoretical papers on cyber security is very limited.