TY - GEN
T1 - GADAPT
T2 - 7th International Conference on Decision and Game Theory for Security, GameSec 2016
AU - Rass, Stefan
AU - Zhu, Quanyan
N1 - Publisher Copyright:
© Springer International Publishing AG 2016.
PY - 2016
Y1 - 2016
N2 - We present a dynamic game framework to model and design defense strategies for advanced persistent threats (APTs). The model is based on a sequence of nested finite two-person zero-sum games, in which the APT is modeled as the attempt to get through multiple protective shells of a system towards conquering the target located in the center of the infrastructure. In each stage, a sub-game captures the attack and defense interactions between two players, and its outcome determines the security level and the resilience against penetrations as well as the structure of the game in the next stage. By construction, interdependencies between protections at multiple stages are automatically accounted for by the dynamic game. The game model provides an analysis and design framework to develop effective protective layers and strategic defense-indepth strategies against APTs. We discuss a few closed form solutions of our sequential APT-games, upon which design problems can be formulated to optimize the quality of security (QoS) across several layers. Numerical experiments are conducted in this work to corroborate our results.
AB - We present a dynamic game framework to model and design defense strategies for advanced persistent threats (APTs). The model is based on a sequence of nested finite two-person zero-sum games, in which the APT is modeled as the attempt to get through multiple protective shells of a system towards conquering the target located in the center of the infrastructure. In each stage, a sub-game captures the attack and defense interactions between two players, and its outcome determines the security level and the resilience against penetrations as well as the structure of the game in the next stage. By construction, interdependencies between protections at multiple stages are automatically accounted for by the dynamic game. The game model provides an analysis and design framework to develop effective protective layers and strategic defense-indepth strategies against APTs. We discuss a few closed form solutions of our sequential APT-games, upon which design problems can be formulated to optimize the quality of security (QoS) across several layers. Numerical experiments are conducted in this work to corroborate our results.
UR - http://www.scopus.com/inward/record.url?scp=84994895317&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=84994895317&partnerID=8YFLogxK
U2 - 10.1007/978-3-319-47413-7_18
DO - 10.1007/978-3-319-47413-7_18
M3 - Conference contribution
AN - SCOPUS:84994895317
SN - 9783319474120
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 314
EP - 326
BT - Decision and Game Theory for Security - 7th International Conference, GameSec 2016, Proceedings
A2 - Panaousis, Emmanouil
A2 - Tambe, Milind
A2 - Alpcan, Tansu
A2 - Casey, William
A2 - Zhu, Quanyan
PB - Springer Verlag
Y2 - 2 November 2016 through 4 November 2016
ER -