Data Driven Game Theoretic Cyber Threat Mitigation
Robertson, John (Arizona State University) | Paliath, Vivin (Arizona State University) | Shakarian, Jana (Arizona State University) | Thart, Amanda (Arizona State University) | Shakarian, Paulo (Arizona State University)
Penetration testing is regarded as the gold standard for understanding how well an organization can withstand sophisticated cyber-attacks. However, the recent prevalence of markets specializing in zero-day exploits on the darknet makes exploits widely available to potential attackers. The cost associated with these sophisticated kits generally precludes penetration testers from simply obtaining such exploits, so an alternative approach is needed to understand what exploits an attacker will most likely purchase and how to defend against them. In this paper, we introduce a data-driven security game framework to model an attacker and provide policy recommendations to the defender. In addition to providing a formal framework and algorithms to develop strategies, we present experimental results from applying our framework, for various system configurations, on real-world exploit market data actively mined from the darknet.
Feb-10-2016
- Country:
  - North America > United States
    - Arizona (0.04)
    - New York > New York County
      - New York City (0.04)
  - Europe > United Kingdom
    - England > Cambridgeshire > Cambridge (0.04)
- Industry:
  - Information Technology > Security & Privacy (1.00)
  - Government > Military
    - Cyberwarfare (0.34)
- Technology:
  - Information Technology
    - Security & Privacy (1.00)
    - Game Theory (1.00)
    - Artificial Intelligence > Representation & Reasoning (0.69)
    - Communications > Networks (0.46)