Defending Against Advanced Persistent Threats using Game-Theory
Stefan Rass, Sandra König, Stefan Schauer

TL;DR
This paper proposes a game-theoretic framework tailored for defending against advanced persistent threats (APTs), capturing uncertainties like attacker incentives and system state, and offers a new solution approach for these complex models.
Contribution
It introduces a generalized class of matrix games specifically designed to handle the uncertainties inherent in APT defense, extending classical game theory applications.
Findings
Model effectively captures APT uncertainties
Provides a novel solution method for complex game models
Framework integrates with existing risk assessment standards
Abstract
Advanced persistent threats (APT) combine a variety of different attack forms ranging from social engineering to technical exploits. The diversity and usual stealthiness of APT turn them into a central problem of contemporary practical system security, since information on attacks, the current system status or the attacker's incentives is often vague, uncertain and in many cases even unavailable. Game theory is a natural approach to model the conflict between the attacker and the defender, and this work investigates a generalized class of matrix games as a risk mitigation tool for an APT defense. Unlike standard game and decision theory, our model is tailored to capture and handle the full uncertainty that is immanent to APT, such as disagreement among qualitative expert risk assessments, unknown adversarial incentives and uncertainty about the current system state (in terms of how…
