Markov modeling of moving target defense games

We introduce a Markov-model-based framework for Moving Target Defense (MTD) analysis. The framework allows modeling of broad range of MTD strategies, provides general theorems about how the probability of a successful adversary defeating an MTD strategy is related to the amount of time/cost spent by the adversary, and shows how a multi-level composition of MTD strategies can be analyzed by a straightforward combination of the analysis for each one of these strategies. Within the proposed framework we define the concept of security capacity which measures the strength or effectiveness of an MTD strategy: the security capacity depends on MTD specific parameters and more general system parameters. We apply our framework to two concrete MTD strategies

Characterizing the Power of Moving Target Defense via Cyber Epidemic Dynamics

Moving Target Defense (MTD) can enhance the resilience of cyber systems against attacks. Although there have been many MTD techniques, there is no systematic understanding and {\em quantitative} characterization of the power of MTD. In this paper, we propose to use a cyber epidemic dynamics approach to characterize the power of MTD. We define and investigate two complementary measures that are applicable when the defender aims to deploy MTD to achieve a certain security goal. One measure emphasizes the maximum portion of time during which the system can afford to stay in an undesired configuration (or posture), without considering the cost of deploying MTD. The other measure emphasizes the minimum cost of deploying MTD, while accommodating that the system has to stay in an undesired configuration (or posture) for a given portion of time. Our analytic studies lead to algorithms for optimally deploying MTD.Comment: 12 pages; 4 figures; Hotsos 14, 201

A Comprehensive Insight into Game Theory in relevance to Cyber Security

The progressively ubiquitous connectivity in the present information systems pose newer challenges tosecurity. The conventional security mechanisms have come a long way in securing the well-definedobjectives of confidentiality, integrity, authenticity and availability. Nevertheless, with the growth in thesystem complexities and attack sophistication, providing security via traditional means can beunaffordable. A novel theoretical perspective and an innovative approach are thus required forunderstanding security from decision-making and strategic viewpoint. One of the analytical tools whichmay assist the researchers in designing security protocols for computer networks is game theory. Thegame-theoretic concept finds extensive applications in security at different levels, including thecyberspace and is generally categorized under security games. It can be utilized as a robust mathematicaltool for modelling and analyzing contemporary security issues. Game theory offers a natural frameworkfor capturing the defensive as well as adversarial interactions between the defenders and the attackers.Furthermore, defenders can attain a deep understanding of the potential attack threats and the strategiesof attackers by equilibrium evaluation of the security games. In this paper, the concept of game theoryhas been presented, followed by game-theoretic applications in cybersecurity including cryptography.Different types of games, particularly those focused on securing the cyberspace, have been analysed andvaried game-theoretic methodologies including mechanism design theories have been outlined foroffering a modern foundation of the science of cybersecurity

Optimal Liability for Terrorism

This paper analyzes the normative role for civil liability in aligning terrorism precaution incentives, when the perpetrators of terrorism are unreachable by courts or regulators. We consider the strategic interaction among targets, subsidiary victims, and terrorists within a sequential, game-theoretic model. The model reveals that, while an "optimal" liability regime indeed exists, its features appear at odds with conventional legal templates. For example, it frequently prescribes damages payments from seemingly unlikely defendants, directing them to seemingly unlikely plaintiffs. The challenge of introducing such a regime using existing tort law doctrines, therefore, is likely to be prohibitive. Instead, we argue, efficient precaution incentives may be best provided by alternative policy mechanisms, such as a mutual public insurance pool for potential targets of terrorism, coupled with direct compensation to victims of terrorist attacks.

Playing strategically against nature? – Decisions viewed from a game-theoretic frame

Common research on decision-making investigates non-interdependent situations, i.e., “games against nature”. However, humans are social beings and many decisions are made in social settings, where they mutually influence each other, i.e., “strategic games”. Mathematical game theory gives a benchmark for rational decisions in such situations. The strategic character makes psychological decision-making more complex by introducing the outcomes for others as an additional attribute of that situation; it also broadens the field for potential coordination and cooperation problems. From an evolutionary point of view, behavior in strategic situations was at a competitive edge. This paper demonstrates that even in games against nature, people sometimes decide as if they were in a strategic game; it outlines theoretical and empirical consequences of such a shift of the frame. It examines whether some irrationalities of human decision-making might be explained by such a shift in grasping the situation. It concludes that the mixed strategies in games against nature demand a high expertise and can only be found in situations where these strategies improve the effects of minimax-strategies that are used in cases of risk-aversion.

Towards an Uncertainty-Aware Adaptive Decision Engine for Self-Protecting Software: an POMDP-based Approach

The threats posed by evolving cyberattacks have led to increased research related to software systems that can self-protect. One topic in this domain is Moving Target Defense (MTD), which changes software characteristics in the protected system to make it harder for attackers to exploit vulnerabilities. However, MTD implementation and deployment are often impacted by run-time uncertainties, and existing MTD decision-making solutions have neglected uncertainty in model parameters and lack self-adaptation. This paper aims to address this gap by proposing an approach for an uncertainty-aware and self-adaptive MTD decision engine based on Partially Observable Markov Decision Process and Bayesian Learning techniques. The proposed approach considers uncertainty in both state and model parameters; thus, it has the potential to better capture environmental variability and improve defense strategies. A preliminary study is presented to highlight the potential effectiveness and challenges of the proposed approach