Bayesian Games for Optimal Cybersecurity Investment with Incomplete Information on the Attacker

Yunfei Zhao, Linan Huang, Quanyan Zhu, Carol Smidts

Research output: Contribution to conferencePaperpeer-review

Abstract

The trend of digitization in various industrial systems has exposed them to an increasing number of cyberattacks. Therefore, it is of vital importance to reduce the cybersecurity risk of industrial systems through cost-effective decisions on cybersecurity investment. In making such decisions, the defender is usually faced with challenges that arise from incomplete information about the attacker. In this paper, we propose a Bayesian game approach to model the optimal cybersecurity investment strategy under such situations. In this approach, the defender categorizes the attacker into a finite number of types, e.g., various levels of capability, and assigns a probability distribution over the different types of attackers. Then, the defender optimizes his/her cybersecurity investment based on risk assessment considering the possible attack efforts of these various types of attackers, with the objective of minimizing the expected cyberattack loss and the cybersecurity investment cost. The proposed method is demonstrated using a numerical example. We perform a sensitivity analysis for model parameters that can be difficult to obtain in practical applications, e.g., the defender's loss caused by a successful attack. Key observations of the example include the threshold principle (i.e., the defender should not make any investment if the loss of a successful attack is below a certain threshold) and the conservation of loss (i.e., losses for one type of attacker may correspond to gains for another type of attacker). The proposed method can be used to support cybersecurity investment decisions by industrial system owners.

Original languageEnglish (US)
StatePublished - 2022
Event16th International Conference on Probabilistic Safety Assessment and Management, PSAM 2022 - Honolulu, United States
Duration: Jun 26 2022Jul 1 2022

Conference

Conference16th International Conference on Probabilistic Safety Assessment and Management, PSAM 2022
Country/TerritoryUnited States
CityHonolulu
Period6/26/227/1/22

ASJC Scopus subject areas

  • Safety, Risk, Reliability and Quality

Fingerprint

Dive into the research topics of 'Bayesian Games for Optimal Cybersecurity Investment with Incomplete Information on the Attacker'. Together they form a unique fingerprint.

Cite this