Interdicting Attack Plans with Boundedly Rational Players and Multiple Attackers: An Adversarial Risk Analysis Approach

IF 2.5 4区 管理学 Q3 MANAGEMENT
Eric B. DuBois, Ashley Peper, Laura A. Albert
{"title":"Interdicting Attack Plans with Boundedly Rational Players and Multiple Attackers: An Adversarial Risk Analysis Approach","authors":"Eric B. DuBois, Ashley Peper, Laura A. Albert","doi":"10.1287/deca.2023.0471","DOIUrl":null,"url":null,"abstract":"Cybersecurity planning supports the selection of and implementation of security controls in resource-constrained settings to manage risk. Doing so requires considering adaptive adversaries with different levels of strategic sophistication in modeling efforts to support risk management. However, most models in the literature only consider rational or nonstrategic adversaries. Therefore, we study how to inform defensive decision making to mitigate the risk from boundedly rational players, with a particular focus on making integrated, interdependent planning decisions. To achieve this goal, we introduce a modeling framework for selecting a portfolio of security mitigations that interdict adversarial attack plans that uses a structured approach for risk analysis. Our approach adapts adversarial risk analysis and cognitive hierarchy theory to consider a maximum-reliability path interdiction problem with a single defender and multiple attackers who have different goals and levels of strategic sophistication. Instead of enumerating all possible attacks and defenses, we introduce a solution technique based on integer programming and approximation algorithms to iteratively solve the defender’s and attackers’ problems. A case study illustrates the proposed models and provides insights into defensive planning. Funding: A. Peper and L. A. Albert were supported in part by the National Science Foundation [Grant 2000986].","PeriodicalId":46460,"journal":{"name":"Decision Analysis","volume":null,"pages":null},"PeriodicalIF":2.5000,"publicationDate":"2023-02-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Decision Analysis","FirstCategoryId":"91","ListUrlMain":"https://doi.org/10.1287/deca.2023.0471","RegionNum":4,"RegionCategory":"管理学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q3","JCRName":"MANAGEMENT","Score":null,"Total":0}
引用次数: 1

Abstract

Cybersecurity planning supports the selection of and implementation of security controls in resource-constrained settings to manage risk. Doing so requires considering adaptive adversaries with different levels of strategic sophistication in modeling efforts to support risk management. However, most models in the literature only consider rational or nonstrategic adversaries. Therefore, we study how to inform defensive decision making to mitigate the risk from boundedly rational players, with a particular focus on making integrated, interdependent planning decisions. To achieve this goal, we introduce a modeling framework for selecting a portfolio of security mitigations that interdict adversarial attack plans that uses a structured approach for risk analysis. Our approach adapts adversarial risk analysis and cognitive hierarchy theory to consider a maximum-reliability path interdiction problem with a single defender and multiple attackers who have different goals and levels of strategic sophistication. Instead of enumerating all possible attacks and defenses, we introduce a solution technique based on integer programming and approximation algorithms to iteratively solve the defender’s and attackers’ problems. A case study illustrates the proposed models and provides insights into defensive planning. Funding: A. Peper and L. A. Albert were supported in part by the National Science Foundation [Grant 2000986].
具有有限理性参与者和多个攻击者的拦截攻击计划:一种对抗风险分析方法
网络安全规划支持在资源受限的环境中选择和实施安全控制措施,以管理风险。这样做需要在建模工作中考虑具有不同战略成熟度级别的自适应对手,以支持风险管理。然而,文献中的大多数模型只考虑理性的或非战略性的对手。因此,我们研究如何为防御性决策提供信息,以减轻有限理性参与者的风险,并特别关注制定综合的、相互依赖的规划决策。为了实现这一目标,我们引入了一个建模框架,用于选择一组安全缓解措施,以阻止使用结构化方法进行风险分析的对抗性攻击计划。我们的方法采用对抗风险分析和认知层次理论来考虑具有不同目标和战略复杂程度的单个防御者和多个攻击者的最大可靠性路径拦截问题。我们不是列举所有可能的攻击和防御,而是引入一种基于整数规划和近似算法的求解技术来迭代解决防御者和攻击者的问题。一个案例研究说明了所提出的模型,并提供了对防御计划的见解。资助:A. Peper和L. A. Albert得到了美国国家科学基金会的部分支持[Grant 2000986]。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 求助全文
来源期刊
Decision Analysis
Decision Analysis MANAGEMENT-
CiteScore
3.10
自引率
21.10%
发文量
19
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信