@inproceedings{ab1847bec7e64d85950d00b8c910355a,
title = "A stochastic game model with imperfect information in cyber security",
abstract = "While there are significant advances in information technology and infrastructure which offer new opportunities, cyberspace is still far from completely secured. Recently, researchers have started exploring the applicability of game theory to address the cyber security problem. The interaction between the attacks and the defense mechanisms can be considered as a game played between the attacker and the defender (system administrator). One of the techniques that has been proposed in the literature used stochastic game models to emulate network security games and showed how to determine the best strategy for the defender considering the possible attack strategy used by the attacker. However, the prior research assumes that the players have perfect information about the current state of the game, which generally does not hold in reality. Our model relaxes this assumption and enriches the prior game models by enabling them to capture more realistic scenarios. In particular, this paper presents a theoretical analysis by which the defender can compute his/her best strategy to reach the Nash equilibrium of a stochastic game assuming imperfect sensory information. In addition, this paper shows that if the defender follows the strategy prescribed by the perfect information model, the Nash equilibrium is not achieved and the attacker's payoff can be higher. Our theoretical analysis is tested in simulation experiments and the results validate our approach.",
keywords = "Game theory, Imperfect information, Nash equilibrium, Network security, Simulation, Stochastic games",
author = "Sajjan Shiva and Sankardas Roy and Harkeerat Bedi and Dipankar Dasgupta and Qishi Wu",
year = "2011",
language = "English (US)",
isbn = "9781629934310",
series = "5th European Conference on Information Management and Evaluation, ECIME 2011",
publisher = "Academic Conferences Ltd",
pages = "308--318",
booktitle = "5th European Conference on Information Management and Evaluation, ECIME 2011",
note = "5th European Conference on Information Management and Evaluation, ECIME 2011 ; Conference date: 08-09-2011 Through 09-09-2011",
}