Interdicting attack plans with boundedly-rational players and multiple attackers: An adversarial risk analysis approach
Eric B. DuBois, Ashley Peper, Laura A. Albert

TL;DR
This paper develops a new risk analysis framework for cybersecurity that considers multiple boundedly rational attackers with different goals, using integer programming and approximation algorithms for strategic defense planning.
Contribution
It introduces a novel modeling framework combining adversarial risk analysis and cognitive hierarchy theory for multi-attacker cybersecurity scenarios.
Findings
The approach effectively models bounded rationality in attackers.
The solution technique reduces computational complexity in defense planning.
Case study demonstrates practical applicability and strategic insights.
Abstract
Cybersecurity planning supports the selection and implementation of security controls in resource-constrained settings to manage risk. Doing so requires considering adaptive adversaries with different levels of strategic sophistication in modeling efforts to support risk management. However, most models in the literature only consider rational or non-strategic adversaries. Therefore, we study how to inform defensive decision-making to mitigate the risk from boundedly rational players, with a particular focus on making integrated, interdependent planning decisions. To achieve this goal, we introduce a modeling framework, built on a structured approach to risk analysis, for selecting a portfolio of security mitigations that interdict adversarial attack plans. Our approach adapts adversarial risk analysis and cognitive hierarchy theory to consider a maximum reliability path interdiction…
Taxonomy
Topics: Infrastructure Resilience and Vulnerability Analysis · Information and Cyber Security · Risk and Safety Analysis
