Interdicting Attack Plans with Boundedly Rational Players and Multiple Attackers: An Adversarial Risk Analysis Approach

IF 2.5 4区 管理学 Q3 MANAGEMENT Decision Analysis Pub Date : 2023-02-03 DOI:10.1287/deca.2023.0471
Eric B. DuBois, Ashley Peper, Laura A. Albert
{"title":"Interdicting Attack Plans with Boundedly Rational Players and Multiple Attackers: An Adversarial Risk Analysis Approach","authors":"Eric B. DuBois, Ashley Peper, Laura A. Albert","doi":"10.1287/deca.2023.0471","DOIUrl":null,"url":null,"abstract":"Cybersecurity planning supports the selection of and implementation of security controls in resource-constrained settings to manage risk. Doing so requires considering adaptive adversaries with different levels of strategic sophistication in modeling efforts to support risk management. However, most models in the literature only consider rational or nonstrategic adversaries. Therefore, we study how to inform defensive decision making to mitigate the risk from boundedly rational players, with a particular focus on making integrated, interdependent planning decisions. To achieve this goal, we introduce a modeling framework for selecting a portfolio of security mitigations that interdict adversarial attack plans that uses a structured approach for risk analysis. Our approach adapts adversarial risk analysis and cognitive hierarchy theory to consider a maximum-reliability path interdiction problem with a single defender and multiple attackers who have different goals and levels of strategic sophistication. Instead of enumerating all possible attacks and defenses, we introduce a solution technique based on integer programming and approximation algorithms to iteratively solve the defender’s and attackers’ problems. A case study illustrates the proposed models and provides insights into defensive planning. Funding: A. Peper and L. A. Albert were supported in part by the National Science Foundation [Grant 2000986].","PeriodicalId":46460,"journal":{"name":"Decision Analysis","volume":null,"pages":null},"PeriodicalIF":2.5000,"publicationDate":"2023-02-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Decision Analysis","FirstCategoryId":"91","ListUrlMain":"https://doi.org/10.1287/deca.2023.0471","RegionNum":4,"RegionCategory":"管理学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q3","JCRName":"MANAGEMENT","Score":null,"Total":0}
引用次数: 1

Abstract

Cybersecurity planning supports the selection of and implementation of security controls in resource-constrained settings to manage risk. Doing so requires considering adaptive adversaries with different levels of strategic sophistication in modeling efforts to support risk management. However, most models in the literature only consider rational or nonstrategic adversaries. Therefore, we study how to inform defensive decision making to mitigate the risk from boundedly rational players, with a particular focus on making integrated, interdependent planning decisions. To achieve this goal, we introduce a modeling framework for selecting a portfolio of security mitigations that interdict adversarial attack plans that uses a structured approach for risk analysis. Our approach adapts adversarial risk analysis and cognitive hierarchy theory to consider a maximum-reliability path interdiction problem with a single defender and multiple attackers who have different goals and levels of strategic sophistication. Instead of enumerating all possible attacks and defenses, we introduce a solution technique based on integer programming and approximation algorithms to iteratively solve the defender’s and attackers’ problems. A case study illustrates the proposed models and provides insights into defensive planning. Funding: A. Peper and L. A. Albert were supported in part by the National Science Foundation [Grant 2000986].
查看原文
分享 分享
微信好友 朋友圈 QQ好友 复制链接
本刊更多论文
具有有限理性参与者和多个攻击者的拦截攻击计划:一种对抗风险分析方法
网络安全规划支持在资源受限的环境中选择和实施安全控制措施,以管理风险。这样做需要在建模工作中考虑具有不同战略成熟度级别的自适应对手,以支持风险管理。然而,文献中的大多数模型只考虑理性的或非战略性的对手。因此,我们研究如何为防御性决策提供信息,以减轻有限理性参与者的风险,并特别关注制定综合的、相互依赖的规划决策。为了实现这一目标,我们引入了一个建模框架,用于选择一组安全缓解措施,以阻止使用结构化方法进行风险分析的对抗性攻击计划。我们的方法采用对抗风险分析和认知层次理论来考虑具有不同目标和战略复杂程度的单个防御者和多个攻击者的最大可靠性路径拦截问题。我们不是列举所有可能的攻击和防御,而是引入一种基于整数规划和近似算法的求解技术来迭代解决防御者和攻击者的问题。一个案例研究说明了所提出的模型,并提供了对防御计划的见解。资助:A. Peper和L. A. Albert得到了美国国家科学基金会的部分支持[Grant 2000986]。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 去求助
来源期刊
Decision Analysis
Decision Analysis MANAGEMENT-
CiteScore
3.10
自引率
21.10%
发文量
19
期刊最新文献
Measuring and Mitigating the Risk of Advanced Cyberattackers On the Value of Information Across Decision Problems Curbing the Opioid Crisis: Optimal Dynamic Policies for Preventive and Mitigating Interventions From the Editor: 2023 Clemen–Kleinmuntz Decision Analysis Best Paper Award A Behavioral Model of Responsible Sourcing in Supply Chains: The Role of Dual-Sourcing Bias
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
0
微信
客服QQ
Book学术公众号 扫码关注我们
反馈
×
意见反馈
请填写您的意见或建议
请填写您的手机或邮箱
已复制链接
已复制链接
快去分享给好友吧!
我知道了
×
扫码分享
扫码分享
Book学术官方微信
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术
文献互助 智能选刊 最新文献 互助须知 联系我们:info@booksci.cn
Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。
Copyright © 2023 Book学术 All rights reserved.
ghs 京公网安备 11010802042870号 京ICP备2023020795号-1