Building a New Science of Cybersecurity
Cyber systems are ubiquitous in today’s world and have immensely increased work efficiency of large organizations. Our objective is to lay the foundations for an integrated theory and associated models and tools that improve our understanding of cyber attack-defense phenomena, allow better predictions of cyber attacks, and ultimately improve cybersecurity.
Modeling the bounded rationality of the players in the game is a relatively unexplored area in cybersecurity. Cybersecurity relies on both technology and humans and has thus increasingly become a socio-technical issue, therefore one major aspect of our work will be its exploration of human behavior models and tests using human subject experiments. To keep the human in the loop we propose three player game model, with a defender (system administrator), attacker (hacker) and users, who can choose whether to comply with the defender’s policies or not.
We want intelligent strategies and tactics to hinder aggressors in cyberspace, both preemptively and in response to dynamic attacks. Two related tactics, moving-target defense and attack surface randomization, will be key weapons in our arsenal against cyber aggression. In this case, our emphasis is on human attackers and in essence an attempt to increase their cost and uncertainty in coming up with a plan of attack. Strategic Information revelation, deception and misinformation, decoys and honeypots, are also especially pertinent to our cyber security games. Exploring the use of strategic information revelation in security games we work on persuading an attacker to not attack — in essence selectively revealing information to influence an attacker’s behavior.
A major aspect of improving cybersecurity is to understand the interactions of humans in the loop — defenders trying to protect cyber systems, users trying to use the cyber systems, and attackers trying to attack — with each other and with the cyber-systems in place. To that end, our overarching objective is to lay the foundations, using game theory, for a new science of cybersecurity game