24 research outputs found
Game Theory Meets Network Security: A Tutorial at ACM CCS
The increasingly pervasive connectivity of today's information systems brings
up new challenges to security. Traditional security has accomplished a long way
toward protecting well-defined goals such as confidentiality, integrity,
availability, and authenticity. However, with the growing sophistication of the
attacks and the complexity of the system, the protection using traditional
methods could be cost-prohibitive. A new perspective and a new theoretical
foundation are needed to understand security from a strategic and
decision-making perspective. Game theory provides a natural framework to
capture the adversarial and defensive interactions between an attacker and a
defender. It provides a quantitative assessment of security, prediction of
security outcomes, and a mechanism design tool that can enable
security-by-design and reverse the attacker's advantage. This tutorial provides
an overview of diverse methodologies from game theory that includes games of
incomplete information, dynamic games, mechanism design theory to offer a
modern theoretic underpinning of a science of cybersecurity. The tutorial will
also discuss open problems and research challenges that the CCS community can
address and contribute with an objective to build a multidisciplinary bridge
between cybersecurity, economics, game and decision theory
Defensive Cyber Maneuvers to Disrupt Cyber Attackers
erimeter based defenses are limited in deterring and defeating cyberattacks. Multi-layered approaches are needed to provide robust cybersecurity and defend against Advanced Persistent Threats. Proactive defensive cyber actions can provide positional or temporal advantages over an adversary in the cognitive, technical, and physical domains. These actions comprise cyber maneuvers, which are implemented reconfigurations to a network that aim to make attackers more visible and detectable, impede attacker progress, and reduce attackers’ chances of mission success. Technical actions and response are the primary focus of most current cyber defense frameworks with little attention on adversary behavioral and cognitive effects. We describe the enhanced cyber maneuver framework which addresses cognitive and behavioral responses to cyber effects. We present experimental results that demonstrate the framework and a testing approach to collect supporting findings on the effects of cyber maneuvers