Army Research Laboratory has used game theory to understand how cybersecurity operators can deceive cyber actors and in turn, prevent attacks.
“Game theory allows us to analyze the behavior of intelligent adversaries, predict adversaries course of action and find the best response to protect our network,” said Dr. Charles Kamhoua, senior electronics engineer in the lab’s Network Security Branch.
The U.S. Army said Tuesday it used security games to graphically depict or model the different approaches taken by cyber actors, then analyze multiple strategies to deceive the attacker.
“An attack graph also helps find all possible combination of vulnerabilities an attacker can use from any entry point to any target," said Kamhoua added.
ARL researchers virtually presented their work on this topic at the 2020 Conference on Decision and Game Theory for Security that took place late October.
Worcester Polytechnic Institute helped ARL assess the use of decoys in scenarios when attackers have limited information on the targeted network.
The Defense Advanced Research Projects Agency provided partial funding for the effort.
