TY - JOUR
T1 - How to deal with an intelligent adversary
AU - Garnaev, Andrey
AU - Baykal-Gursoy, Melike
AU - Vincent Poor, H.
N1 - Funding Information:
This material is based upon work supported by the National Science Foundation under Grant Numbers CMMI-1436288 and CMMI-1435778 .
Publisher Copyright:
© 2015 Elsevier Ltd.
PY - 2015/12/1
Y1 - 2015/12/1
N2 - Traditionally, the design of network protection strategies is based on the answers of a protector and an adversary to the question "How?": how should the protector allocate its protection resources, and how should the adversary allocate its attacking resources? This paper considers a more sophisticated adversary, who, planning its malicious activities, considers two questions: "What for?" and "How?". Namely, what is the motivation for the attack? and how to attack based on the chosen motivation? To study this problem, a simple game-theoretic network protection model is considered, in which the adversary decides whether to intrude on the network to inflict maximal damage or to perform a reconnaissance mission, and based on this decision an intrusion strategy is designed. The solution to this game shows that such an adversary may try a feint to draw the protector's efforts away from the nodes that the adversary intends to attack. Taking into account this feature of the adversary's behavior allows improvements in the reliability of a protection strategy.
AB - Traditionally, the design of network protection strategies is based on the answers of a protector and an adversary to the question "How?": how should the protector allocate its protection resources, and how should the adversary allocate its attacking resources? This paper considers a more sophisticated adversary, who, planning its malicious activities, considers two questions: "What for?" and "How?". Namely, what is the motivation for the attack? and how to attack based on the chosen motivation? To study this problem, a simple game-theoretic network protection model is considered, in which the adversary decides whether to intrude on the network to inflict maximal damage or to perform a reconnaissance mission, and based on this decision an intrusion strategy is designed. The solution to this game shows that such an adversary may try a feint to draw the protector's efforts away from the nodes that the adversary intends to attack. Taking into account this feature of the adversary's behavior allows improvements in the reliability of a protection strategy.
KW - Bayesian game
KW - Equilibrium
KW - Network protection
UR - http://www.scopus.com/inward/record.url?scp=84945911138&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=84945911138&partnerID=8YFLogxK
U2 - 10.1016/j.cie.2015.10.001
DO - 10.1016/j.cie.2015.10.001
M3 - Article
AN - SCOPUS:84945911138
SN - 0360-8352
VL - 90
SP - 352
EP - 360
JO - Computers and Industrial Engineering
JF - Computers and Industrial Engineering
ER -