TY - GEN
T1 - How Shall We Play a Game?
T2 - 30th IEEE Computer Security Foundations Symposium, CSF 2017
AU - Bao, Tiffany
AU - Shoshitaishvili, Yan
AU - Wang, Ruoyu
AU - Kruegel, Christopher
AU - Vigna, Giovanni
AU - Brumley, David
N1 - Publisher Copyright:
© 2017 IEEE.
PY - 2017/9/25
Y1 - 2017/9/25
N2 - Automated techniques and tools for finding, exploiting and patching vulnerabilities are maturing. In order to achieve an end goal such as winning a cyber-battle, these techniques and tools must be wielded strategically. Currently, strategy development in cyber - even with automated tools - is done manually, and is a bottleneck in practice. In this paper, we apply game theory toward the augmentation of the human decision-making process.Our work makes two novel contributions. First, previous work is limited by strong assumptions regarding the number of actors, actions, and choices in cyber-warfare. We develop a novel model of cyber-warfare that is more comprehensive than previous work, removing these limitations in the process. Second, we present an algorithm for calculating the optimal strategy of the players in our model. We show that our model is capable of finding better solutions than previous work within seconds, making computer-time strategic reasoning a reality. We also provide new insights, compared to previous models, on the impact of optimal strategies.
AB - Automated techniques and tools for finding, exploiting and patching vulnerabilities are maturing. In order to achieve an end goal such as winning a cyber-battle, these techniques and tools must be wielded strategically. Currently, strategy development in cyber - even with automated tools - is done manually, and is a bottleneck in practice. In this paper, we apply game theory toward the augmentation of the human decision-making process.Our work makes two novel contributions. First, previous work is limited by strong assumptions regarding the number of actors, actions, and choices in cyber-warfare. We develop a novel model of cyber-warfare that is more comprehensive than previous work, removing these limitations in the process. Second, we present an algorithm for calculating the optimal strategy of the players in our model. We show that our model is capable of finding better solutions than previous work within seconds, making computer-time strategic reasoning a reality. We also provide new insights, compared to previous models, on the impact of optimal strategies.
UR - http://www.scopus.com/inward/record.url?scp=85033785159&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85033785159&partnerID=8YFLogxK
U2 - 10.1109/CSF.2017.34
DO - 10.1109/CSF.2017.34
M3 - Conference contribution
AN - SCOPUS:85033785159
T3 - Proceedings - IEEE Computer Security Foundations Symposium
SP - 7
EP - 21
BT - Proceedings - IEEE 30th Computer Security Foundations Symposium, CSF 2017
PB - IEEE Computer Society
Y2 - 21 August 2017 through 25 August 2017
ER -