Presentation is loading. Please wait.

Presentation is loading. Please wait.

A Game Theoretic Model of Strategic Conflict in Cyberspace Operations Research Department Naval Postgraduate School, Monterey, CA 80 th MORS 12 June, 2012.

Published byAnnabel Stokes Modified over 9 years ago

Similar presentations

Presentation on theme: "A Game Theoretic Model of Strategic Conflict in Cyberspace Operations Research Department Naval Postgraduate School, Monterey, CA 80 th MORS 12 June, 2012."— Presentation transcript:

1 A Game Theoretic Model of Strategic Conflict in Cyberspace Operations Research Department Naval Postgraduate School, Monterey, CA 80 th MORS 12 June, 2012 Harrison C. Schramm David L. Alderson W. Matthew Carlyle Nedialko B. Dimitrov

2 Cyber Conflict - definitions Defining characteristic: how weapons in cyberspace (cyber weapons) are discovered, developed, and employed Our model is a high-level, strategic look at the problem of Cyber conflict Key question: How long should a belligerent in cyber conflict hold an exploit in development before attacking? 2

3 Cyber Conflict – Approach Cyber conflict may be viewed as a game Players discover and develop attacks, which they then exercise at a time of their choosing Analysis is abstracted away from specific technologies, systems, and exploits. – Similar to other models of combat. 3

4 Related Work JASON (2010) The Science of Cybersecurity – DOD report, recommends game theory as an analytic method Shiva et al (2010) Game theoretic approaches to protect cyberspace – Presents a taxonomy of game theoretic methods in cyberspace Lye & Wing (2002) Game strategies in network security Shen et al (2007) A Markov game theoretic approach for cyber situational awareness 4

5 Cyber munition life-cycle Discovery Development ObsolescenceEmployment Adversary Patch 5

6 Cyber Game Mechanics Discovery of Exploit – Game state indexed as, where T is the age of the game, represents the length of time player i has known the exploit Development of Munition – After a player has discovered the exploit, they may develop the exploit in accordance with some known function, 6

7 Game Mechanics II Employment – Once a player has the exploit, he may choose to use it. His action set is defined as: Obsolesce – If either player discovers and patches the exploit before an attack is executed, all munitions are worthless and the game ends. 7

8 State Transitions This state is recurrent until the first discovery is made

9 Our Analysis Zero Sum Two Players Identical Systems One zero-day Exploit Perfect Information 9

10 Solving the game relies on building on cases based on knowledge 10 No Players One player Both Players Solution Hierarchy; solving the case where neither player has the exploit depends on the one-player case, which in turn depends on the case where both players have the exploit.

11 The Base: Both Players know the Exploit If both players know the exploit, “Attack, Attack” is the optimum solution by iterated elimination of dominated strategies 11 We may compute the value of the game for cases where

12 State Transitions This state is recurrent until the first discovery is made Not Reachable for optimal players with perfect knowledge Absorbing

13 Situation II – One player knows the exploit Under what circumstances should Player 1 wait (and possibly gain attack value? For monotone functions, this is straightforward, but the general case is solved as well. 13 We may compute the value of the game for cases where

14 State Transitions Not Reachable Starting Here Will Player 2 Reach a better state on the axis? Before Player 1 Discovers the Exploit?

15 The general case – neither player knows the exploit… 15 we can compute the value of the game from any state, including

16 State Transitions Not Reachable for optimal players with perfect knowledge Absorbing Starting Here Who wins?

17 Numerical Analysis 17

18 Basic Case If the players have constant probability of detection, and constant attack value functions, then Player 1 will expect to win if:

19 Example II Suppose Players 1 and 2 have attack functions such that:. Here, we have to compute the optimum number of turns to wait before attacking, which turns out to be 5, matching our intuition

20 Example II – the effect of varying 20

21 Example II Suppose Players 1 and 2 have attack functions such that: Note that since Player 1 has the exploit, Is irrelevant

22 Example II Value function associated with example two. We see that the maximum value of occurs at Therefore, in this case, it is not ‘worth it’ to wait.

23 Extensions 23

24 Waiting Times What happens if we introduce non-productive waiting times? – Such as administrative approval chains – Or other reasons Conclusion: If you are slow to act, you can make it up (a little bit) by increasing capability in other areas, but only to a point.

25 State Transitions Discovers Here Cannot progress until w time periods pass

26 Waiting Times Payoff to Player 1 of an otherwise ‘even’ cyber game, where player 1 is forced to wait w time periods after discovery before any action may be taken.

27 Waiting Times II Player 1’s Required probability of detection, to ‘break even’ as a function of wait time. Note in this scenario that after 9 time periods, perfect detection is required; further advancements are not possible

28 Conclusion We present a lexicon and framework for analyzing cyber conflict Future work: – Multiple Attacks – Imperfect Information – Incorporating issues outside of cyber (i.e. kinetic) 28

29 NPS OR Cyber interest points of contact: CDR Harrison Schramm – hcschram@nps.edu hcschram@nps.edu – 831 656 2358 Professor Matt Carlyle – mcarlyle@nps.edu mcarlyle@nps.edu Professor Dave Alderson – dalders@nps.edu dalders@nps.edu – 831 656 1814 Professor Ned Dimitrov – ndimitrov@nps.edu ndimitrov@nps.edu – 831 656 3647

30 Backup 30

31 State Transitions

Download ppt "A Game Theoretic Model of Strategic Conflict in Cyberspace Operations Research Department Naval Postgraduate School, Monterey, CA 80 th MORS 12 June, 2012."

Similar presentations

N. Basilico, N. Gatti, F. Amigoni DEI, Politecnico di Milano Leader-Follower Strategies for Robotic Patrolling in Environments with Arbitrary Topology.

N. Basilico, N. Gatti, F. Amigoni DEI, Politecnico di Milano Leader-Follower Strategies for Robotic Patrolling in Environments with Arbitrary Topology.
F. Amigoni, N. Basilico, N. Gatti DEI, Politecnico di Milano Finding the Optimal Strategies in Robotic Patrolling with Adversaries in Topologically-Represented.

F. Amigoni, N. Basilico, N. Gatti DEI, Politecnico di Milano Finding the Optimal Strategies in Robotic Patrolling with Adversaries in Topologically-Represented.
Introduction to Game Theory

Introduction to Game Theory
Todd W. Neller Gettysburg College

Todd W. Neller Gettysburg College
GAME THEORY.

GAME THEORY.
Module 4 Game Theory To accompany Quantitative Analysis for Management, Tenth Edition, by Render, Stair, and Hanna Power Point slides created by Jeff Heyl.

Module 4 Game Theory To accompany Quantitative Analysis for Management, Tenth Edition, by Render, Stair, and Hanna Power Point slides created by Jeff Heyl.
Two-Player Zero-Sum Games

Two-Player Zero-Sum Games
Chapter 14 Infinite Horizon 1.Markov Games 2.Markov Solutions 3.Infinite Horizon Repeated Games 4.Trigger Strategy Solutions 5.Investing in Strategic Capital.

Chapter 14 Infinite Horizon 1.Markov Games 2.Markov Solutions 3.Infinite Horizon Repeated Games 4.Trigger Strategy Solutions 5.Investing in Strategic Capital.
Operations Research Assistant Professor Dr. Sana’a Wafa Al-Sayegh 2 nd Semester 2008-2009 ITGD4207 University of Palestine.

Operations Research Assistant Professor Dr. Sana’a Wafa Al-Sayegh 2 nd Semester ITGD4207 University of Palestine.
An Introduction to... Evolutionary Game Theory

An Introduction to... Evolutionary Game Theory
Eponine Lupo.  Questions from last time  3 player games  Games larger than 2x2—rock, paper, scissors  Review/explain Nash Equilibrium  Nash Equilibrium.

Eponine Lupo.  Questions from last time  3 player games  Games larger than 2x2—rock, paper, scissors  Review/explain Nash Equilibrium  Nash Equilibrium.
MIT and James Orlin © 2003 1 Game Theory 2-person 0-sum (or constant sum) game theory 2-person game theory (e.g., prisoner’s dilemma)

MIT and James Orlin © Game Theory 2-person 0-sum (or constant sum) game theory 2-person game theory (e.g., prisoner’s dilemma)
© 2015 McGraw-Hill Education. All rights reserved. Chapter 15 Game Theory.

© 2015 McGraw-Hill Education. All rights reserved. Chapter 15 Game Theory.
Markov Game Analysis for Attack and Defense of Power Networks Chris Y. T. Ma, David K. Y. Yau, Xin Lou, and Nageswara S. V. Rao.

Markov Game Analysis for Attack and Defense of Power Networks Chris Y. T. Ma, David K. Y. Yau, Xin Lou, and Nageswara S. V. Rao.
Markov Game Analysis for Attack and Defense of Power Networks Chris Y. T. Ma, David K. Y. Yau, Xin Lou, and Nageswara S. V. Rao.

Markov Game Analysis for Attack and Defense of Power Networks Chris Y. T. Ma, David K. Y. Yau, Xin Lou, and Nageswara S. V. Rao.
Slide 1 of 13 So... What’s Game Theory? Game theory refers to a branch of applied math that deals with the strategic interactions between various ‘agents’,

Slide 1 of 13 So... What’s Game Theory? Game theory refers to a branch of applied math that deals with the strategic interactions between various ‘agents’,
A camper awakens to the growl of a hungry bear and sees his friend putting on a pair of running shoes, “You can’t outrun a bear,” scoffs the camper. His.

A camper awakens to the growl of a hungry bear and sees his friend putting on a pair of running shoes, “You can’t outrun a bear,” scoffs the camper. His.
What is the Best Position? More Advanced Positioning February, 2013 - R. Baker1.

What is the Best Position? More Advanced Positioning February, R. Baker1.
Basics on Game Theory For Industrial Economics (According to Shy’s Plan)

Basics on Game Theory For Industrial Economics (According to Shy’s Plan)
Gabriel Tsang Supervisor: Jian Yang.  Initial Problem  Related Work  Approach  Outcome  Conclusion  Future Work 2.

Gabriel Tsang Supervisor: Jian Yang.  Initial Problem  Related Work  Approach  Outcome  Conclusion  Future Work 2.

Similar presentations

Ads by Google