Abstract
This work examines propagation of cyber-threats over networks under an adversarial formulation. Exploiting Kendall's birth-death-immigration model, we propose an analytical framework to describe the stochastic dynamics of cyber-threat propagation in a collection of heterogeneous sub-networks characterized by different attributes. We propose two formalisations of the problem as zero-sum games involving two adversaries: an attacker, who launches cyber-threats across the distinct sub-networks; and a defender, who tries to mitigate the threats by delivering suitable countermeasures. According to the first formalisation, the interplay between the defender and the attacker is modelled as a Stackelberg leader-follower game, while the second formalisation considers a strategic game wherein the two contenders play simultaneously without knowing the choice of the other player. We derive the equilibrium strategies for both versions of the game, and discuss a number of insightful interplays and ramifications of the different equilibrium points for the problem at hand. The equilibrium strategies depend on three fundamental attributes: i) the available resource budget of the attacker and the defender; ii) the capacity of the legitimate nodes to (unintentionally) forward the threat across the network, after they have been compromised during the propagation of the threat; iii) the intrinsic characteristics of the sub-networks, namely, their immunity to the attacks, their inertia in responding to the countermeasures, and the importance of the individual sub-networks. The relevance of the proposed solution is illustrated through a series of examples and numerical simulations.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
More From: IEEE Transactions on Information Forensics and Security
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.