Managing IT Security Systems with Adversarial Probes and Attacks

Project: Research

View graph of relations

Description

Successful computer attacks often involve a series of compromises. Hackers often first probe the security capability of a firm, and then determine the attack effort to compromise the systems. Previous studies have considered hackers to have full knowledge about the security capability of the firm, and the security capability of the firm is fixed. In this study, we analyze multi-stage game-theoretic interactions between a hacker and a firm. We assume the hacking process involves the hacker first decides on whether to probe the protection capability of the firm and subsequently determines how much effort to exert in attacking the firm based on the signals received in the probing stage. The firm, on the other hand, decides on the investment level for systems security protection and the configuration level of the security system. We seek to understand the optimal security investment and operations strategies that minimize the overall security cost.

Detail(s)

Project number7002527
Grant typeSRG
StatusFinished
Effective start/end date1/04/107/11/12