A stochastic game model with imperfect information in cyber security
While there are significant advances in information technology and infrastructure which offer new opportunities, cyberspace is still far from completely secured. Recently, researchers have started exploring the applicability of game theory to address the cyber security problem. The interaction between the attacks and the defense mechanisms can be considered as a game played between the attacker and the defender (system administrator). One of the techniques that has been proposed in the literature used stochastic game models to emulate network security games and showed how to determine the best strategy for the defender considering the possible attack strategy used by the attacker. However, the prior research assumes that the players have perfect information about the current state of the game, which generally does not hold in reality. Our model relaxes this assumption and enriches the prior game models by enabling them to capture more realistic scenarios. In particular, this paper presents a theoretical analysis by which the defender can compute his/her best strategy to reach the Nash equilibrium of a stochastic game assuming imperfect sensory information. In addition, this paper shows that if the defender follows the strategy prescribed by the perfect information model, the Nash equilibrium is not achieved and the attacker's payoff can be higher. Our theoretical analysis is tested in simulation experiments and the results validate our approach.
5th European Conference on Information Management and Evaluation, ECIME 2011
Shiva, S., Roy, S., Bedi, H., Dasgupta, D., & Wu, Q. (2011). A stochastic game model with imperfect information in cyber security. 5th European Conference on Information Management and Evaluation, ECIME 2011, 308-318. Retrieved from https://digitalcommons.memphis.edu/facpubs/2418