Game-Theoretic Model and Experimental Investigation of Cyber Wargaming

TL;DR

This paper demonstrates how game-theoretic models can assist cyber wargaming by providing strategic decision tools through payoff and penetration matrices, validated with a US Army tabletop experiment.

Contribution

It introduces a formal game-theoretic framework for cyber wargaming strategies, linking military COA methodology with cybersecurity decision analysis.

Findings

Game-theoretic matrices help identify optimal strategies.

Analysis of a US Army tabletop wargame validates the approach.

Matrices reveal potential effects of human decision-making in strategy selection.

Abstract

We demonstrate that game-theoretic calculations serve as a useful tool for assisting cyber wargaming teams in identifying useful strategies. We note a significant similarity between formulating cyber wargaming strategies and the methodology known in military practice as Course of Action (COA) generation. For scenarios in which the attacker must penetrate multiple layers in a defense-in-depth security configuration, an accounting of attacker and defender costs and penetration probabilities provides cost-utility payoff matrices and penetration probability matrices. These can be used as decision tools by both the defender and attacker. Inspection of the matrices allows players to deduce preferred strategies (or COAs) based on game-theoretical equilibrium solutions. The matrices also help in analyzing anticipated effects of potential human-based choices of wargame strategies and counter-strategies. We describe a mathematical game-theoretic formalism and offer detailed analysis of a table-top cyber wargame executed at the US Army Research Laboratory. Our analysis shows how game-theoretical calculations can provide an effective tool for decision-making during cyber wargames.