HackAttack: Game-Theoretic Analysis of Realistic Cyber Conflicts

Ferragut, Erik M; Brady, Andrew C; Brady, Ethan J; Ferragut, Jacob M; Ferragut, Nathan M; Wildgruber, Max C

doi:10.1145/2897795.2897801

Title: HackAttack: Game-Theoretic Analysis of Realistic Cyber Conflicts

Conference · Fri Jan 01 00:00:00 EST 2016

DOI:https://doi.org/10.1145/2897795.2897801· OSTI ID:1330518

Ferragut, Erik M ^[1]; Brady, Andrew C ^[2]; Brady, Ethan J ^[3]; Ferragut, Jacob M ^[3]; Ferragut, Nathan M ^[3]; Wildgruber, Max C ^[1]

ORNL
Jefferson Middle School, Oak Ridge, TN
Oak Ridge High School, Oak Ridge, TN

Game theory is appropriate for studying cyber conflict because it allows for an intelligent and goal-driven adversary. Applications of game theory have led to a number of results regarding optimal attack and defense strategies. However, the overwhelming majority of applications explore overly simplistic games, often ones in which each participant s actions are visible to every other participant. These simplifications strip away the fundamental properties of real cyber conflicts: probabilistic alerting, hidden actions, unknown opponent capabilities. In this paper, we demonstrate that it is possible to analyze a more realistic game, one in which different resources have different weaknesses, players have different exploits, and moves occur in secrecy, but they can be detected. Certainly, more advanced and complex games are possible, but the game presented here is more realistic than any other game we know of in the scientific literature. While optimal strategies can be found for simpler games using calculus, case-by-case analysis, or, for stochastic games, Q-learning, our more complex game is more naturally analyzed using the same methods used to study other complex games, such as checkers and chess. We define a simple evaluation function and employ multi-step searches to create strategies. We show that such scenarios can be analyzed, and find that in cases of extreme uncertainty, it is often better to ignore one s opponent s possible moves. Furthermore, we show that a simple evaluation function in a complex game can lead to interesting and nuanced strategies.

OSTI does not have a digital full text copy available. For more information, please see document availability, search WorldCat, or search Google Scholar.

Cite

Export

Save

Research Organization:: Oak Ridge National Lab. (ORNL), Oak Ridge, TN (United States)

Sponsoring Organization:: USDOE Laboratory Directed Research and Development (LDRD) Program

DOE Contract Number:: AC05-00OR22725

OSTI ID:: 1330518

Resource Relation:: Conference: 11th Annual Cyber and Information Security Research (CISR) Conference, Oak Ridge, TN, USA, 20160405, 20160407

Country of Publication:: United States

Language:: English

Similar Records

N-person game playing and artificial intelligence

Miscellaneous · Sun Jan 01 00:00:00 EST 1989 · OSTI ID:1330518

Luckhardt, C A

Dominion. A game exploring information exploitation

Thesis/Dissertation · Sun Mar 01 00:00:00 EST 2015 · OSTI ID:1330518

Hobbs, Jacob Aaron

Cyber risk assessment and investment optimization using game theory and ML-based anomaly detection and mitigation for wide-area control in smart grids

Other · Mon Aug 01 00:00:00 EDT 2022 · OSTI ID:1330518

Hyder, Burhan

Related Subjects

game theory
cyber security
botnets
strategy

Title: HackAttack: Game-Theoretic Analysis of Realistic Cyber Conflicts

Citation Formats

Similar Records

Related Subjects