Abstract
This chapter discusses a central challenge arising from the success of modeling human behavior in making decisions from experience: our ability to scale these models up to explain non-cooperative team behavior in a dynamic cyber space. Computational models of human behavior based on the Instance-Based Learning Theory (IBLT) have been highly successful in representing and predicting individual’s behavior of decisions from experience. Recently, these IBL models have been also applied to represent a security analyst’s experience and cognitive characteristics that would result in accurate predictions of threat identification and cyber-attack detection. The IBL models derive predictions on the accuracy and timing of threat detection in a computer network (i.e., cyber situation awareness or cyberSA). This chapter summarizes the current state of models at the individual level, and it describes the challenges and potentials for extending them to address predictions in 2-player (i.e., defender and attacker) non-cooperative dynamic cybersecurity situations. The advancements that would potentially contribute to a more secure cyberspace are discussed.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Anderson, J. R., Bothell, D., Byrne, M. D., Douglass, S., Lebiere, C., & Qin, Y. (2004). An integrated theory of the mind. Psychological Review, 111(4), 1036–1060.
Anderson, J. R., & Lebiere, C. (1998). The atomic components of thought. Hillsdale, NJ: Lawrence Erlbaum Associates.
Anderson, J. R., Reder, L. M., & Lebiere, C. (1996). Working memory: Activation limitations on retrieval. Cognitive Psychology, 30(3), 221–256.
Axelrod, R. (1980). Effective choice in the Prisoners Dilemma. Journal of Conflict Resolution, 24(1), 3–25.
Bush, R. R., & Mosteller, F. (1955). Stochastic models for learning. Oxford, UK: John Wiley & Sons, Inc.
Colman, A. M. (2003). Cooperation, psychological game theory, and limitations of rationality in social interaction. Behavioral and Brain Sciences, 26, 139–198.
Dutt, V., Ahn, Y.-S., & Gonzalez, C. (2011). Cyber situation awareness: Modeling the security analyst in a cyber-attack scenario through instance-based learning. In Y. Li (Ed.), Lecture Notes in Computer Science (Vol. 6818, pp. 281–293). Heidelberg: Springer Berlin.
Dutt, V., Ahn, Y. S., & Gonzalez, C. (2012). Cyber situation awareness: Modeling detection of cyber attacks with Instance-Based Learning Theory. Unpublished manuscript under review.
Dutt, V., Cassenti, D. N., & Gonzalez, C. (2011). Modeling a robotic operator manager in a tactical battlefield. In Proceedings of the CogSIMA 2011: 2011 IEEE International Multi-Disciplinary Conference on Cognitive Methods in Situation Awareness and Decision Support (pp. 82–87). Miami Beach, FL: IEEE.
Dutt, V., & Gonzalez, C. (2011). Cyber situation awareness through Instance-Based Learning: Modeling the security analyst in a cyber-attack scenario. In C. Onwubiko & T. Owens (Eds.), Situation awareness in computer network defense: Principles, methods and applications. Hershey, PA: IGI Global.
Dutt, V., Yamaguchi, M., Gonzalez, C., & Proctor, R. W. (2009). An instance-based learning model of stimulus-response compatibility effects in mixed location-relevant and location-irrelevant tasks. In A. Howes, D. Peebles & R. Cooper (Eds.), Proceedings of the 9th International Conference on Cognitive Modeling - ICCM2009. Manchester, UK.
Edwards, W. (1962). Dynamic decision theory and probabilistic information processing. Human Factors, 4, 59–73.
Erev, I., Glozman, I., & Hertwig, R. (2008). What impacts the impact of rare events. Journal of Risk and Uncertainty, 36(2), 153–177.
Erev, I., & Haruvy, E. (in press). Learning and the economics of small decisions. In J. H. Kagel & A. E. Roth (Eds.), The Handbook of Experimental Economics. Princeton, NJ: Princeton University Press.
Erev, I., & Roth, A. E. (1998). Predicting how people play games: Reinforcement learning in experimental games with unique, mixed strategy equilibria. The American Economic Review, 88(4), 848–881.
Erev, I., & Roth, A. E. (2001). Simple reinforcement learning models and reciprocation in the Prisoner’s Dilemma game. In G. Gigerenzer & R. Selten (Eds.), Bounded rationality: The adaptive toolbox (pp. 215–231). Cambridge, MA: MIT Press.
Gonzalez, C., & Dutt, V. (2011). Instance-based learning: Integrating decisions from experience in sampling and repeated choice paradigms. Psychological Review, 118(4), 523–551.
Gonzalez, C., Dutt, V., & Lejarraga, T. (2011). A loser can be a winner: Comparison of two instance-based learning models in a market entry competition. Games, 2(1), 136–162.
Gonzalez, C., Dutt, V. & Martin, J. (2011). Scaling up Instance-Based Learning Models of Individual Decision Making to Models of Behavior in Conflict Situations. In Proceedings of the 2011 International Conference on Behavioral Decision Making. The Interdisciplinary Center IDC Herzliya, Israel, May 30- June 1, 2011. pp. 4.
Gonzalez, C., & Lebiere, C. (2005). Instance-based cognitive models of decision making. In D. Zizzo & A. Courakis (Eds.), Transfer of knowledge in economic decision-making (pp. 148–165). New York: Macmillan (Palgrave Macmillan).
Gonzalez, C., Lerch, J. F., & Lebiere, C. (2003). Instance-based learning in dynamic decision making. Cognitive Science, 27(4), 591–635.
Gonzalez, C., & Martin, J. M. (2011). Scaling up Instance-Based Learning Theory to account for social interactions. Negotiation and Conflict Management Research, 4(2), 110–128.
Hertwig, R., Barron, G., Weber, E. U., & Erev, I. (2006). The role of information sampling in risky choice. In K. Fiedler & P. Juslin (Eds.), Information sampling and adaptive cognition (pp. 72–91). New York: Cambridge University Press.
Jajodia, S., Liu, P., Swarup, V., & Wang, C. (2011). Cyber situational awareness: Issues and research. New York: Springer.
Johnson, N. B. (2011). Cyber attacks up 40%, report says. Online article. Federal Times. http://www.federaltimes.com/article/20110403/IT01/104030301/1035/IT01. Accessed March 10, 2012.
Juvina, I., Lebiere, C., Martin, J. M., & Gonzalez, C. (2011). Intergroup prisoner’s dilemma with intragroup power dynamics. Games, 2, 21–51.
Lebiere, C. (1999). Blending: An ACT-R mechanism for aggregate retrievals. Paper presented at the Sixth Annual ACT-R Workshop at George Mason University.
Lebiere, C., Gonzalez, C., & Martin, M. (2007). Instance-based decision making model of repeated binary choice. In R. L. Lewis, T. A. Polk & J. E. Laird (Eds.), Proceedings of the 8th International Conference on Cognitive Modeling (pp. 67–72). Ann Arbor, MI.
Lebiere, C., Wallach, D., & West, R. L. (2000). A memory-based account of the prisoner’s dilemma and other 2x2 games. In Proceedings of the International Conference on Cognitive Modeling (pp. 185–193). NL: Universal Press.
Lejarraga, T., Dutt, V., & Gonzalez, C. (2012). Instance-based learning: A general model of repeated binary choice. Journal of Behavioral Decision Making, 25(2), 143–153.
Lejarraga, T., Dutt, V., & Gonzalez, C. (2010). Instance-based learning in repeated binary choice. Paper presented at the Society for Judgement and Decision Making, St. Louis, MO,
Lovett, M. C., Reder, L. M., & Lebiere, C. (1999). Modeling working memory in a unified architecture: An ACT-R perspective. In A. Miyake & P. Shah (Eds.), Models of working memory: Mechanisms of active maintenance and executive control (pp. 135–182). New York: Cambridge University Press.
Lye, K.-W., & Wing, J. M. (2005). Game strategies in network security. International Journal of Information Security, 4, 71–86.
March, J. G. (1996). Learning to be risk averse. Psychological Review, 103(2), 309–319.
Martin, J. M., Gonzalez, C., Juvina, I., & Lebiere, C. (2012). Awareness of interdependence, and its effects on cooperation. Unpublished manuscript under review.
Martin, M. K., Gonzalez, C., & Lebiere, C. (2004). Learning to make decisions in dynamic environments: ACT-R plays the beer game. In M. C. Lovett, C. D. Schunn, C. Lebiere & P. Munro (Eds.), Proceedings of the Sixth International Conference on Cognitive Modeling (Vol. 420, pp. 178–183). Pittsburgh, PA: Lawrence Erlbaum Associates Publishers.
McCumber, J. (2004). Assessing and managing security risk in IT systems: A structured methodology. Boca Raton: Auerbach Publication.
Rabin, M. (1993). Incorporating fairness into game theory and economics. The American Economic Review, 83(5), 1281–1302.
Rapoport, A. (1975). Research paradigms for studying dynamic decision behavior. In D. Wendt & C. Vlek (Eds.), Utility, probability, and human decision making (Vol. 11, pp. 349–375). Dordrecht, The Netherlands: Reidel.
Rapoport, A., & Chammah, A. M. (1965). Prisoner’s dilemma: A study in conflict and cooperation. Ann Arbor: University of Michigan Press.
Rapoport, A., & Mowshowitz, A. (1966). Experimental studies of stochastic models for the Prisoner’s dilemma. System Research and Behavioral Science, 11(6), 444–458.
Roberts, G. (1997). Testing mutualism: A commentary on Clements and Stephens. Animal Behaviour, 53(6), 1361–1362.
Roth, A. E., & Erev, I. (1995). Learning in extensive-form games: Experimental data and simple dynamic models in the intermediate term. Games and Economic Behavior, 8, 164–212.
Roy, S., Ellis, C., Shiva, S., Dasgupta, D., Shandilya, V., & Wu, Q. (2010). A survey of game theory as applied to network security. In J. Ralph H. Sprague (Ed.), Proceedings of the 43rd Hawaii International Conference on System Sciences. Los Alamitos, CA: IEEE. doi: 10.1109/HICSS.2010.35
Salter, C., Saydjari, O. S., Schneier, B., & Wallner, J. (1998). Toward a secure system engineering metholody. In B. Blakeley, D. Kienzle, M. E. Zurko, & S. J. Greenwald (Eds.), Proceedings of the 1998 Workshop on New Security Paradigms (pp. 2–10). New York: ACM
Shiva, S., Roy, S., & Dasgupta, D. (2010). Game theory for cyber security. In F. T. Sheldon, S. Prowell, R. K. Abercrombie & A. Krings (Eds.), Proceedings of the Sixth Annual Workshop on Cyber Security and Information Intelligence Research. New York: ACM. doi: 10.1145/1852666.1852704
Schuster, R. (2000). How useful is an individual perspective for explaining the control of social behavior? Behavioral and Brain Sciences, 23(2), 263–264.
Schuster, R., & Perelberg, A. (2004). Why cooperate? An economic perspective is not enough. Behavioural Processes, 66, 261–277.
Acknowledgements
This research was a part of a Multidisciplinary University Research Initiative Award on Cyber Situation Awareness (MURI; #W911NF-09-1-0525) from Army Research Office to Cleotilde Gonzalez. We thank Hau-yu Wong for editing this manuscript.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2013 Springer Science+Business Media New York
About this paper
Cite this paper
Gonzalez, C. (2013). From Individual Decisions from Experience to Behavioral Game Theory: Lessons for Cybersecurity. In: Jajodia, S., Ghosh, A., Subrahmanian, V., Swarup, V., Wang, C., Wang, X. (eds) Moving Target Defense II. Advances in Information Security, vol 100. Springer, New York, NY. https://doi.org/10.1007/978-1-4614-5416-8_4
Download citation
DOI: https://doi.org/10.1007/978-1-4614-5416-8_4
Published:
Publisher Name: Springer, New York, NY
Print ISBN: 978-1-4614-5415-1
Online ISBN: 978-1-4614-5416-8
eBook Packages: Computer ScienceComputer Science (R0)