GADAPT: A sequential game-theoretic framework for designing defense-in-depth strategies against advanced persistent threats

Stefan Rass, Quanyan Zhu

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

We present a dynamic game framework to model and design defense strategies for advanced persistent threats (APTs). The model is based on a sequence of nested finite two-person zero-sum games, in which the APT is modeled as the attempt to get through multiple protective shells of a system towards conquering the target located in the center of the infrastructure. In each stage, a sub-game captures the attack and defense interactions between two players, and its outcome determines the security level and the resilience against penetrations as well as the structure of the game in the next stage. By construction, interdependencies between protections at multiple stages are automatically accounted for by the dynamic game. The game model provides an analysis and design framework to develop effective protective layers and strategic defense-in-depth strategies against APTs. We discuss a few closed form solutions of our sequential APT-games, upon which design problems can be formulated to optimize the quality of security (QoS) across several layers. Numerical experiments are conducted in this work to corroborate our results.

Original language: English (US)
Title of host publication: Decision and Game Theory for Security - 7th International Conference, GameSec 2016, Proceedings
Publisher: Springer Verlag
Pages: 314-326
Number of pages: 13
Volume: 9996 LNCS
ISBN (Print): 9783319474120
DOIs: https://doi.org/10.1007/978-3-319-47413-7_18
State: Published - 2016
Event: 7th International Conference on Decision and Game Theory for Security, GameSec 2016 - New York, United States
Duration: Nov 2 2016 - Nov 4 2016

Publication series

Name: Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume: 9996 LNCS
ISSN (Print): 03029743
ISSN (Electronic): 16113349

Other

Other: 7th International Conference on Decision and Game Theory for Security, GameSec 2016
Country: United States
City: New York
Period: 11/2/16 - 11/4/16

Fingerprint

Game
Dynamic Games
Two-person Games
Zero sum game
Interdependencies
Resilience
Closed-form Solution
Penetration
Shell
Infrastructure
Optimise
Attack
Numerical Experiment
Model
Target
Strategy
Framework
Experiments
Interaction
Design

ASJC Scopus subject areas

  • Theoretical Computer Science
  • Computer Science(all)

Cite this

Rass, S., & Zhu, Q. (2016). GADAPT: A sequential game-theoretic framework for designing defense-in-depth strategies against advanced persistent threats. In Decision and Game Theory for Security - 7th International Conference, GameSec 2016, Proceedings (Vol. 9996 LNCS, pp. 314-326). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 9996 LNCS). Springer Verlag. https://doi.org/10.1007/978-3-319-47413-7_18

