How to deal with an intelligent adversary

Andrey Garnaev, Melike Baykal-Gursoy, H. Vincent Poor

Research output: Contribution to journalArticle

4 Scopus citations

Abstract

Traditionally, the design of network protection strategies is based on the answers of a protector and an adversary to the question "How?": how should the protector allocate its protection resources, and how should the adversary allocate its attacking resources? This paper considers a more sophisticated adversary, who, planning its malicious activities, considers two questions: "What for?" and "How?". Namely, what is the motivation for the attack? and how to attack based on the chosen motivation? To study this problem, a simple game-theoretic network protection model is considered, in which the adversary decides whether to intrude on the network to inflict maximal damage or to perform a reconnaissance mission, and based on this decision an intrusion strategy is designed. The solution to this game shows that such an adversary may try a feint to draw the protector's efforts away from the nodes that the adversary intends to attack. Taking into account this feature of the adversary's behavior allows improvements in the reliability of a protection strategy.

Original languageEnglish (US)
Pages (from-to)352-360
Number of pages9
JournalComputers and Industrial Engineering
Volume90
DOIs
StatePublished - Dec 1 2015

All Science Journal Classification (ASJC) codes

  • Computer Science(all)
  • Engineering(all)

Keywords

  • Bayesian game
  • Equilibrium
  • Network protection

Fingerprint Dive into the research topics of 'How to deal with an intelligent adversary'. Together they form a unique fingerprint.

  • Cite this