Game-Theoretic Cybersecurity: the Good, the Bad and the Ugly
- URL: http://arxiv.org/abs/2401.13815v2
- Date: Thu, 13 Feb 2025 19:07:28 GMT
- Title: Game-Theoretic Cybersecurity: the Good, the Bad and the Ugly
- Authors: Brandon Collins, Shouhuai Xu, Philip N. Brown,
- Abstract summary: We develop a framework to characterize the function and assumptions of existing works as applied to cybersecurity.<n>We leverage this information to analyze the capabilities of the proposed models in comparison to the application-specific needs they are meant to serve.<n>Our main finding is that Game Theory largely fails to incorporate notions of uncertainty critical to the application being considered.
- Score: 5.715413347864052
- License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
- Abstract: Given the scale of consequences attributable to cyber attacks, the field of cybersecurity has long outgrown ad-hoc decision-making. A popular choice to provide disciplined decision-making in cybersecurity is Game Theory, which seeks to mathematically understand strategic interaction. In practice though, game-theoretic approaches are scarcely utilized (to our knowledge), highlighting the need to understand the deficit between the existing state-of-the-art and the needs of cybersecurity practitioners. Therefore, we develop a framework to characterize the function and assumptions of existing works as applied to cybersecurity and leverage it to characterize 80 unique technical papers. Then, we leverage this information to analyze the capabilities of the proposed models in comparison to the application-specific needs they are meant to serve, as well as the practicality of implementing the proposed solution. Our main finding is that Game Theory largely fails to incorporate notions of uncertainty critical to the application being considered. To remedy this, we provide guidance in terms of how to incorporate uncertainty in a model, what forms of uncertainty are critical to consider in each application area, and how to model the information that is available in each application area.
Related papers
- Integrating Graph Theoretical Approaches in Cybersecurity Education CSCI-RTED [0.0]
Graph theory offers a powerful framework for modeling relationships within cyber ecosystems.
This paper develops an enriched version of the widely recognized NSL-KDD dataset, incorporating graph-theoretical concepts to enhance its practical value.
arXiv Detail & Related papers (2025-04-23T19:08:30Z) - The Digital Cybersecurity Expert: How Far Have We Come? [49.89857422097055]
We develop CSEBenchmark, a fine-grained cybersecurity evaluation framework based on 345 knowledge points expected of cybersecurity experts.
We evaluate 12 popular large language models (LLMs) on CSEBenchmark and find that even the best-performing model achieves only 85.42% overall accuracy.
By identifying and addressing specific knowledge gaps in each LLM, we achieve up to an 84% improvement in correcting previously incorrect predictions.
arXiv Detail & Related papers (2025-04-16T05:36:28Z) - Machine Unlearning Doesn't Do What You Think: Lessons for Generative AI Policy, Research, and Practice [186.055899073629]
Unlearning is often invoked as a solution for removing the effects of targeted information from a generative-AI model.
Unlearning is also proposed as a way to prevent a model from generating targeted types of information in its outputs.
Both of these goals--the targeted removal of information from a model and the targeted suppression of information from a model's outputs--present various technical and substantive challenges.
arXiv Detail & Related papers (2024-12-09T20:18:43Z) - SoK: Unifying Cybersecurity and Cybersafety of Multimodal Foundation Models with an Information Theory Approach [58.93030774141753]
Multimodal foundation models (MFMs) represent a significant advancement in artificial intelligence.
This paper conceptualizes cybersafety and cybersecurity in the context of multimodal learning.
We present a comprehensive Systematization of Knowledge (SoK) to unify these concepts in MFMs, identifying key threats.
arXiv Detail & Related papers (2024-11-17T23:06:20Z) - Expectation vs. Reality: Towards Verification of Psychological Games [18.30789345402813]
Psychological games (PGs) were developed as a way to model and analyse agents with belief-dependent motivations.
This paper proposes methods to solve PGs and implementing them within PRISM-games, a formal verification tool for games.
arXiv Detail & Related papers (2024-11-08T14:41:52Z) - Rethinking the Uncertainty: A Critical Review and Analysis in the Era of Large Language Models [42.563558441750224]
Large Language Models (LLMs) have become fundamental to a broad spectrum of artificial intelligence applications.
Current methods often struggle to accurately identify, measure, and address the true uncertainty.
This paper introduces a comprehensive framework specifically designed to identify and understand the types and sources of uncertainty.
arXiv Detail & Related papers (2024-10-26T15:07:15Z) - Threat analysis and adversarial model for Smart Grids [1.7482569079741024]
The cyber domain of this smart power grid opens a new plethora of threats.
Different stakeholders including regulation bodies, industry and academy are making efforts to provide security mechanisms to mitigate and reduce cyber-risks.
Recent work shows a lack of agreement among grid practitioners and academic experts on the feasibility and consequences of academic-proposed threats.
This is in part due to inadequate simulation models which do not evaluate threats based on attackers full capabilities and goals.
arXiv Detail & Related papers (2024-06-17T16:33:46Z) - Foundations of Cyber Resilience: The Confluence of Game, Control, and Learning Theories [15.764094200832071]
Cyber resilience focuses on preparation, response, and recovery from cyber threats that are challenging to prevent.
Game theory, control theory, and learning theories are three major pillars for the design of cyber resilience mechanisms.
This chapter presents various theoretical paradigms, including dynamic asymmetric games, moving horizon control, conjectural learning, and meta-learning.
arXiv Detail & Related papers (2024-04-01T16:02:21Z) - Symbiotic Game and Foundation Models for Cyber Deception Operations in Strategic Cyber Warfare [16.378537388284027]
We are currently facing unprecedented cyber warfare with the rapid evolution of tactics, increasing asymmetry of intelligence, and the growing accessibility of hacking tools.
This chapter aims to highlight the pivotal role of game-theoretic models and foundation models (FMs) in analyzing, designing, and implementing cyber deception tactics.
arXiv Detail & Related papers (2024-03-14T20:17:57Z) - A Survey of Network Requirements for Enabling Effective Cyber Deception [0.0]
This paper investigates the crucial network requirements essential for the successful implementation of effective cyber deception techniques.
With a focus on diverse network architectures and topologies, we delve into the intricate relationship between network characteristics and the deployment of deception mechanisms.
arXiv Detail & Related papers (2023-09-01T00:38:57Z) - Designing an attack-defense game: how to increase robustness of
financial transaction models via a competition [69.08339915577206]
Given the escalating risks of malicious attacks in the finance sector, understanding adversarial strategies and robust defense mechanisms for machine learning models is critical.
We aim to investigate the current state and dynamics of adversarial attacks and defenses for neural network models that use sequential financial data as the input.
We have designed a competition that allows realistic and detailed investigation of problems in modern financial transaction data.
The participants compete directly against each other, so possible attacks and defenses are examined in close-to-real-life conditions.
arXiv Detail & Related papers (2023-08-22T12:53:09Z) - Learning to Defend by Attacking (and Vice-Versa): Transfer of Learning
in Cybersecurity Games [1.14219428942199]
We present a novel model of human decision-making inspired by the cognitive faculties of Instance-Based Learning Theory, Theory of Mind, and Transfer of Learning.
This model functions by learning from both roles in a security scenario: defender and attacker, and by making predictions of the opponent's beliefs, intentions, and actions.
Results from simulation experiments demonstrate the potential usefulness of cognitively inspired models of agents trained in attack and defense roles.
arXiv Detail & Related papers (2023-06-03T17:51:04Z) - Graph Mining for Cybersecurity: A Survey [61.505995908021525]
The explosive growth of cyber attacks nowadays, such as malware, spam, and intrusions, caused severe consequences on society.
Traditional Machine Learning (ML) based methods are extensively used in detecting cyber threats, but they hardly model the correlations between real-world cyber entities.
With the proliferation of graph mining techniques, many researchers investigated these techniques for capturing correlations between cyber entities and achieving high performance.
arXiv Detail & Related papers (2023-04-02T08:43:03Z) - Against Algorithmic Exploitation of Human Vulnerabilities [2.6918074738262194]
We are concerned with the problem of machine learning models inadvertently modelling vulnerabilities.
We describe common vulnerabilities, and illustrate cases where they are likely to play a role in algorithmic decision-making.
We propose a set of requirements for methods to detect the potential for vulnerability modelling.
arXiv Detail & Related papers (2023-01-12T13:15:24Z) - AdvCat: Domain-Agnostic Robustness Assessment for Cybersecurity-Critical
Applications with Categorical Inputs [29.907921481157974]
robustness against adversarial attacks is one of the key trust concerns for Machine Learning deployment.
We propose a provably optimal yet highly efficient adversarial robustness assessment protocol for a wide band of ML-driven cybersecurity-critical applications.
We demonstrate the use of the domain-agnostic robustness assessment method with substantial experimental study on fake news detection and intrusion detection problems.
arXiv Detail & Related papers (2022-12-13T18:12:02Z) - Proceedings of the Artificial Intelligence for Cyber Security (AICS)
Workshop at AAAI 2022 [55.573187938617636]
The workshop will focus on the application of AI to problems in cyber security.
Cyber systems generate large volumes of data, utilizing this effectively is beyond human capabilities.
arXiv Detail & Related papers (2022-02-28T18:27:41Z) - Fixed Points in Cyber Space: Rethinking Optimal Evasion Attacks in the
Age of AI-NIDS [70.60975663021952]
We study blackbox adversarial attacks on network classifiers.
We argue that attacker-defender fixed points are themselves general-sum games with complex phase transitions.
We show that a continual learning approach is required to study attacker-defender dynamics.
arXiv Detail & Related papers (2021-11-23T23:42:16Z) - Multi Agent System for Machine Learning Under Uncertainty in Cyber
Physical Manufacturing System [78.60415450507706]
Recent advancements in predictive machine learning has led to its application in various use cases in manufacturing.
Most research focused on maximising predictive accuracy without addressing the uncertainty associated with it.
In this paper, we determine the sources of uncertainty in machine learning and establish the success criteria of a machine learning system to function well under uncertainty.
arXiv Detail & Related papers (2021-07-28T10:28:05Z) - Adversarial Machine Learning Attacks and Defense Methods in the Cyber
Security Domain [58.30296637276011]
This paper summarizes the latest research on adversarial attacks against security solutions based on machine learning techniques.
It is the first to discuss the unique challenges of implementing end-to-end adversarial attacks in the cyber security domain.
arXiv Detail & Related papers (2020-07-05T18:22:40Z) - A general framework for defining and optimizing robustness [74.67016173858497]
We propose a rigorous and flexible framework for defining different types of robustness properties for classifiers.
Our concept is based on postulates that robustness of a classifier should be considered as a property that is independent of accuracy.
We develop a very general robustness framework that is applicable to any type of classification model.
arXiv Detail & Related papers (2020-06-19T13:24:20Z) - Plausible Counterfactuals: Auditing Deep Learning Classifiers with
Realistic Adversarial Examples [84.8370546614042]
Black-box nature of Deep Learning models has posed unanswered questions about what they learn from data.
Generative Adversarial Network (GAN) and multi-objectives are used to furnish a plausible attack to the audited model.
Its utility is showcased within a human face classification task, unveiling the enormous potential of the proposed framework.
arXiv Detail & Related papers (2020-03-25T11:08:56Z) - Learning from Learning Machines: Optimisation, Rules, and Social Norms [91.3755431537592]
It appears that the area of AI that is most analogous to the behaviour of economic entities is that of morally good decision-making.
Recent successes of deep learning for AI suggest that more implicit specifications work better than explicit ones for solving such problems.
arXiv Detail & Related papers (2019-12-29T17:42:06Z)
This list is automatically generated from the titles and abstracts of the papers in this site.
This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.