Behavioral and Game-Theoretic Security Investments in Interdependent Systems Modeled by Attack Graphs

@article{Abdallah2020BehavioralAG,
  title={Behavioral and Game-Theoretic Security Investments in Interdependent Systems Modeled by Attack Graphs},
  author={Mustafa Abdallah and Parinaz Naghizadeh and Ashish Ranjan Hota and Timothy N. Cason and Saurabh Bagchi and Shreyas Sundaram},
  journal={IEEE Transactions on Control of Network Systems},
  year={2020},
  volume={7},
  pages={1585-1596}
}
In this article, we consider a system consisting of multiple interdependent assets, and a set of defenders, each responsible for securing a subset of the assets against an attacker. The interdependencies between the assets are captured by an attack graph, where an edge from one asset to another indicates that if the former asset is compromised, an attack can be launched on the latter asset. Each edge has an associated probability of successful attack, which can be reduced via security… 

The Effect of Behavioral Probability Weighting in a Sequential Defender-Attacker Game
TLDR
This work considers a setting consisting of two sites, and a sequential game between a defender and an attacker who are responsible for securing and attacking the sites, respectively, and describes how nonlinear probability weighting affects the security investments made by the defender.
The Effect of Behavioral Probability Weighting in a Simultaneous Multi-Target Attacker-Defender Game
TLDR
It is shown via numerical experiments that behavioral decision-making by the defender causes the Nash Equilibrium investments in each node to change (where the defender overinvests in the high-value nodes and underinvests in the low-value node), and the effect of behavioral probability weighting on the investment strategies is investigated.
Combining Hybrid Input-Output Automaton and Game Theory for Security Modeling of Cyber-Physical Systems
TLDR
This work considers a security setting in which the Cyber-Physical System (CPS) is composed of subnetworks, where each subnetwork is under the ownership of one defender, and models such a CPS using a Hybrid Input-Output Automaton (HIOA), where each subnetwork is represented by a HIOA module.
The Impact of Network Design Interventions on CPS Security
We study a game-theoretic model of the interactions between a Cyber-Physical System’s (CPS) operator (the defender) against an attacker who launches stepping-stone attacks to reach critical assets
Morshed: Guiding Behavioral Decision-Makers towards Better Security Investment in Interdependent Systems
We model the behavioral biases of human decision-making in securing interdependent systems and show that such behavioral decision-making leads to a suboptimal pattern of resource allocation compared
Combining Hybrid Input-Output Automaton and Game Theory for modelling Cyber-Physical Systems
TLDR
This work considers a security setting in which the Cyber-Physical System is composed of subnetworks where each subnetwork under ownership of one defender is represented by an attack graph where the defenders are required to invest on the graph's edges in order to protect their critical assets.
Harnessing the Power of Deception in Attack Graph-Based Security Games
TLDR
This work empirically demonstrates that using deception on attack graphs gives the defender a significant advantage, and provides two techniques for efficiently solving this problem: a mixed-integer linear program for layered directed acyclic graphs (DAG) and neural architecture search for general DAGs.
The optimal privacy strategy of cloud service based on evolutionary game
  • P. Sun
  • Computer Science
    Cluster Computing
  • 2020
TLDR
A quantitative benefit of game strategy is constructed, evolutionary game theory is used to build a game model of attack protection, the optimal protection strategy selection algorithm is proposed, and the stable equilibrium solution is made based on limited rational constraints.
Evaluating the Security and Economic Effects of Moving Target Defense Techniques on the Cloud
TLDR
This paper introduces mathematical definitions for the combination of three MTD techniques, and introduces a strategy to effectively deploy the Shuffle MTD technique using a virtual machine placement technique and two strategies to deploy the Diversity MTD technique through operating system diversification.
A Risk Estimation Framework for Security Threats in Computer Networks
TLDR
A framework for security risk estimation is proposed that represents the security knowledge required for security risk estimation and utilizes current security metrics and vulnerability databases and is applied to a sample network to show its applicability and usability in operational environments.

References

SHOWING 1-10 OF 45 REFERENCES
The Impacts of Behavioral Probability Weighting on Security Investments in Interdependent Systems
TLDR
This work considers a system consisting of multiple interdependent assets, and a set of defenders, each responsible for securing a subset of the assets against an attacker, and shows that the presence of a defender who exhibits behavioral probability weighting can be beneficial for the other defenders in the network, in terms of making their assets more secure.
Interdependent Security Games on Networks Under Behavioral Probability Weighting
TLDR
This paper characterizes graph topologies that achieve the largest and smallest worst case average attack probabilities at Nash equilibria in Total Effort games, and equilibrium investments in Weakest Link and Best Shot games.
A Game-Theoretic Framework for Securing Interdependent Assets in Networks
TLDR
A general game-theoretic framework to model the security investments of resource-constrained stakeholders against targeted attacks and how this framework can be applied to determine deployment of moving target defense (MTD) in networks is developed.
Protecting Assets with Heterogeneous Valuations under Behavioral Probability Weighting
TLDR
It is shown that behavioral probability weighting causes the defender to shift more of her investments to the higher-valued nodes and underinvest in the low-value nodes, compared to the case where the defender perceives the probability of attack correctly.
Interdependent Security With Strategic Agents and Cascades of Infection
  • R. La
  • Economics
    IEEE/ACM Transactions on Networking
  • 2016
TLDR
It is demonstrated that, at least for some parameter regimes, the cascade probability increases with the average degree of nodes, in networks consisting of strategic agents with interdependent security.
A Survey of Interdependent Information Security Games
TLDR
This survey summarizes game-theoretic interdependence models, characterizes the emerging security inefficiencies, and presents mechanisms to improve the security decisions of the participants.
A Network Monitoring Game with Heterogeneous Component Criticality Levels
TLDR
This work considers an attacker-operator game for monitoring a large-scale network that is comprised of components that differ in their criticality levels and uses a previously developed approach to obtain an approximate Nash equilibrium in the general case.
Data Injection Attacks on Smart Grids With Multiple Adversaries: A Game-Theoretic Perspective
TLDR
Results show that by defending a very small set of measurements, the grid operator can achieve an equilibrium through which the optimal attacks have no effect on the system, and how, at equilibrium, multiple attackers can play a destructive role toward each other by choosing to carry out attacks that cancel each other out, leaving the system unaffected.
A Centrality-Based Security Game for Multihop Networks
  • J. Riehl, M. Cao
  • Computer Science
    IEEE Transactions on Control of Network Systems
  • 2018
TLDR
A fast centralized algorithm is presented that uses a monotone property of the utility function to compute saddle-point equilibrium strategies for the case of single-node attacks and single- or multiple-node defense and a method based on sequential simplification is proposed, which performs well in simulations.
Fragility of the commons under prospect-theoretic risk attitudes