A stochastic game model with imperfect information in cyber security

Sajjan Shiva, Sankardas Roy, Harkeerat Bedi, Dipankar Dasgupta, Qishi Wu

Research output: Chapter in Book/Report/Conference proceedingConference contribution

5 Scopus citations

Abstract

While there are significant advances in information technology and infrastructure which offer new opportunities, cyberspace is still far from completely secured. Recently, researchers have started exploring the applicability of game theory to address the cyber security problem. The interaction between the attacks and the defense mechanisms can be considered as a game played between the attacker and the defender (system administrator). One of the techniques that has been proposed in the literature used stochastic game models to emulate network security games and showed how to determine the best strategy for the defender considering the possible attack strategy used by the attacker. However, the prior research assumes that the players have perfect information about the current state of the game, which generally does not hold in reality. Our model relaxes this assumption and enriches the prior game models by enabling them to capture more realistic scenarios. In particular, this paper presents a theoretical analysis by which the defender can compute his/her best strategy to reach the Nash equilibrium of a stochastic game assuming imperfect sensory information. In addition, this paper shows that if the defender follows the strategy prescribed by the perfect information model, the Nash equilibrium is not achieved and the attacker's payoff can be higher. Our theoretical analysis is tested in simulation experiments and the results validate our approach.

Original languageEnglish (US)
Title of host publication5th European Conference on Information Management and Evaluation, ECIME 2011
Pages308-318
Number of pages11
StatePublished - 2011
Externally publishedYes
Event5th European Conference on Information Management and Evaluation, ECIME 2011 - Como, Italy
Duration: Sep 8 2011Sep 9 2011

Publication series

Name5th European Conference on Information Management and Evaluation, ECIME 2011

Other

Other5th European Conference on Information Management and Evaluation, ECIME 2011
Country/TerritoryItaly
CityComo
Period9/8/119/9/11

All Science Journal Classification (ASJC) codes

  • Information Systems and Management
  • Management Science and Operations Research

Keywords

  • Game theory
  • Imperfect information
  • Nash equilibrium
  • Network security
  • Simulation
  • Stochastic games

Fingerprint

Dive into the research topics of 'A stochastic game model with imperfect information in cyber security'. Together they form a unique fingerprint.

Cite this