Traditionally, the design of network protection strategies is based on the answers of a protector and an adversary to the question "How?": how should the protector allocate its protection resources, and how should the adversary allocate its attacking resources? This paper considers a more sophisticated adversary, who, planning its malicious activities, considers two questions: "What for?" and "How?". Namely, what is the motivation for the attack? and how to attack based on the chosen motivation? To study this problem, a simple game-theoretic network protection model is considered, in which the adversary decides whether to intrude on the network to inflict maximal damage or to perform a reconnaissance mission, and based on this decision an intrusion strategy is designed. The solution to this game shows that such an adversary may try a feint to draw the protector's efforts away from the nodes that the adversary intends to attack. Taking into account this feature of the adversary's behavior allows improvements in the reliability of a protection strategy.
All Science Journal Classification (ASJC) codes
- Computer Science(all)
- Bayesian game
- Network protection