Towards a Multi-Agent Simulation of Cyber-attackers and Cyber-defenders Battles
Julien Soulé, Jean-Paul Jamont, Michel Occello, Paul Théron, Louis-Marie Traonouez

TL;DR
This paper introduces a Markovian multi-agent simulation framework for modeling and analyzing coordinated cyber-attacks and defenses on networked systems, enabling realistic scenario testing and strategy assessment.
Contribution
It presents a novel simulation model that captures multi-agent interactions and dynamic responses of cyber-attackers and defenders in network environments.
Findings
The simulator can realistically replicate complex attack-defense scenarios.
Different defense strategies can be tested and compared.
The framework helps in understanding attacker and defender behaviors.
Abstract
As cyber-attacks prove to be more and more complex and coordinated, cyber-defender strategies based on multi-agent approaches could be key to tackling cyber-attacks as close as possible to the entry points of a networked system. This paper presents a Markovian model, implemented in a simulator, of cyber-attacker agents and cyber-defender agents deployed on host network nodes and fighting each other. It aims to provide an experimental framework to implement realistic coordinated cyber-attack scenarios while assessing cyber-defenders' dynamic organizations. We abstracted network nodes as sets of properties, including those of the agents. Actions applied by agents model how the network reacts depending on a given state and which properties are to change. The collective choice of actions brings the whole environment closer to or farther from the cyber-attackers' and cyber-defenders' respective goals. Using the…
Taxonomy
Topics: Software-Defined Networks and 5G · Information and Cyber Security · Network Security and Intrusion Detection
