Skip to main content
SpringerLink
Log in

From Individual Decisions from Experience to Behavioral Game Theory: Lessons for Cybersecurity

  • Conference paper
  • First Online:
Book cover Moving Target Defense II

Part of the book series: Advances in Information Security ((ADIS,volume 100))

Abstract

This chapter discusses a central challenge arising from the success of modeling human behavior in making decisions from experience: our ability to scale these models up to explain non-cooperative team behavior in a dynamic cyber space. Computational models of human behavior based on the Instance-Based Learning Theory (IBLT) have been highly successful in representing and predicting individual’s behavior of decisions from experience. Recently, these IBL models have been also applied to represent a security analyst’s experience and cognitive characteristics that would result in accurate predictions of threat identification and cyber-attack detection. The IBL models derive predictions on the accuracy and timing of threat detection in a computer network (i.e., cyber situation awareness or cyberSA). This chapter summarizes the current state of models at the individual level, and it describes the challenges and potentials for extending them to address predictions in 2-player (i.e., defender and attacker) non-cooperative dynamic cybersecurity situations. The advancements that would potentially contribute to a more secure cyberspace are discussed.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 84.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 109.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info
Hardcover Book
USD 109.99
Price excludes VAT (USA)
  • Durable hardcover edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Anderson, J. R., Bothell, D., Byrne, M. D., Douglass, S., Lebiere, C., & Qin, Y. (2004). An integrated theory of the mind. Psychological Review, 111(4), 1036–1060.

    Google Scholar 

  2. Anderson, J. R., & Lebiere, C. (1998). The atomic components of thought. Hillsdale, NJ: Lawrence Erlbaum Associates.

    Google Scholar 

  3. Anderson, J. R., Reder, L. M., & Lebiere, C. (1996). Working memory: Activation limitations on retrieval. Cognitive Psychology, 30(3), 221–256.

    Google Scholar 

  4. Axelrod, R. (1980). Effective choice in the Prisoners Dilemma. Journal of Conflict Resolution, 24(1), 3–25.

    Google Scholar 

  5. Bush, R. R., & Mosteller, F. (1955). Stochastic models for learning. Oxford, UK: John Wiley & Sons, Inc.

    Google Scholar 

  6. Colman, A. M. (2003). Cooperation, psychological game theory, and limitations of rationality in social interaction. Behavioral and Brain Sciences, 26, 139–198.

    Google Scholar 

  7. Dutt, V., Ahn, Y.-S., & Gonzalez, C. (2011). Cyber situation awareness: Modeling the security analyst in a cyber-attack scenario through instance-based learning. In Y. Li (Ed.), Lecture Notes in Computer Science (Vol. 6818, pp. 281–293). Heidelberg: Springer Berlin.

    Google Scholar 

  8. Dutt, V., Ahn, Y. S., & Gonzalez, C. (2012). Cyber situation awareness: Modeling detection of cyber attacks with Instance-Based Learning Theory. Unpublished manuscript under review.

    Google Scholar 

  9. Dutt, V., Cassenti, D. N., & Gonzalez, C. (2011). Modeling a robotic operator manager in a tactical battlefield. In Proceedings of the CogSIMA 2011: 2011 IEEE International Multi-Disciplinary Conference on Cognitive Methods in Situation Awareness and Decision Support (pp. 82–87). Miami Beach, FL: IEEE.

    Google Scholar 

  10. Dutt, V., & Gonzalez, C. (2011). Cyber situation awareness through Instance-Based Learning: Modeling the security analyst in a cyber-attack scenario. In C. Onwubiko & T. Owens (Eds.), Situation awareness in computer network defense: Principles, methods and applications. Hershey, PA: IGI Global.

    Google Scholar 

  11. Dutt, V., Yamaguchi, M., Gonzalez, C., & Proctor, R. W. (2009). An instance-based learning model of stimulus-response compatibility effects in mixed location-relevant and location-irrelevant tasks. In A. Howes, D. Peebles & R. Cooper (Eds.), Proceedings of the 9th International Conference on Cognitive Modeling - ICCM2009. Manchester, UK.

    Google Scholar 

  12. Edwards, W. (1962). Dynamic decision theory and probabilistic information processing. Human Factors, 4, 59–73.

    Google Scholar 

  13. Erev, I., Glozman, I., & Hertwig, R. (2008). What impacts the impact of rare events. Journal of Risk and Uncertainty, 36(2), 153–177.

    Google Scholar 

  14. Erev, I., & Haruvy, E. (in press). Learning and the economics of small decisions. In J. H. Kagel & A. E. Roth (Eds.), The Handbook of Experimental Economics. Princeton, NJ: Princeton University Press.

    Google Scholar 

  15. Erev, I., & Roth, A. E. (1998). Predicting how people play games: Reinforcement learning in experimental games with unique, mixed strategy equilibria. The American Economic Review, 88(4), 848–881.

    Google Scholar 

  16. Erev, I., & Roth, A. E. (2001). Simple reinforcement learning models and reciprocation in the Prisoner’s Dilemma game. In G. Gigerenzer & R. Selten (Eds.), Bounded rationality: The adaptive toolbox (pp. 215–231). Cambridge, MA: MIT Press.

    Google Scholar 

  17. Gonzalez, C., & Dutt, V. (2011). Instance-based learning: Integrating decisions from experience in sampling and repeated choice paradigms. Psychological Review, 118(4), 523–551.

    Google Scholar 

  18. Gonzalez, C., Dutt, V., & Lejarraga, T. (2011). A loser can be a winner: Comparison of two instance-based learning models in a market entry competition. Games, 2(1), 136–162.

    Google Scholar 

  19. Gonzalez, C., Dutt, V. & Martin, J. (2011). Scaling up Instance-Based Learning Models of Individual Decision Making to Models of Behavior in Conflict Situations. In Proceedings of the 2011 International Conference on Behavioral Decision Making. The Interdisciplinary Center IDC Herzliya, Israel, May 30- June 1, 2011. pp. 4.

    Google Scholar 

  20. Gonzalez, C., & Lebiere, C. (2005). Instance-based cognitive models of decision making. In D. Zizzo & A. Courakis (Eds.), Transfer of knowledge in economic decision-making (pp. 148–165). New York: Macmillan (Palgrave Macmillan).

    Google Scholar 

  21. Gonzalez, C., Lerch, J. F., & Lebiere, C. (2003). Instance-based learning in dynamic decision making. Cognitive Science, 27(4), 591–635.

    Google Scholar 

  22. Gonzalez, C., & Martin, J. M. (2011). Scaling up Instance-Based Learning Theory to account for social interactions. Negotiation and Conflict Management Research, 4(2), 110–128.

    Google Scholar 

  23. Hertwig, R., Barron, G., Weber, E. U., & Erev, I. (2006). The role of information sampling in risky choice. In K. Fiedler & P. Juslin (Eds.), Information sampling and adaptive cognition (pp. 72–91). New York: Cambridge University Press.

    Google Scholar 

  24. Jajodia, S., Liu, P., Swarup, V., & Wang, C. (2011). Cyber situational awareness: Issues and research. New York: Springer.

    Google Scholar 

  25. Johnson, N. B. (2011). Cyber attacks up 40%, report says. Online article. Federal Times. http://www.federaltimes.com/article/20110403/IT01/104030301/1035/IT01. Accessed March 10, 2012.

  26. Juvina, I., Lebiere, C., Martin, J. M., & Gonzalez, C. (2011). Intergroup prisoner’s dilemma with intragroup power dynamics. Games, 2, 21–51.

    Google Scholar 

  27. Lebiere, C. (1999). Blending: An ACT-R mechanism for aggregate retrievals. Paper presented at the Sixth Annual ACT-R Workshop at George Mason University.

    Google Scholar 

  28. Lebiere, C., Gonzalez, C., & Martin, M. (2007). Instance-based decision making model of repeated binary choice. In R. L. Lewis, T. A. Polk & J. E. Laird (Eds.), Proceedings of the 8th International Conference on Cognitive Modeling (pp. 67–72). Ann Arbor, MI.

    Google Scholar 

  29. Lebiere, C., Wallach, D., & West, R. L. (2000). A memory-based account of the prisoner’s dilemma and other 2x2 games. In Proceedings of the International Conference on Cognitive Modeling (pp. 185–193). NL: Universal Press.

    Google Scholar 

  30. Lejarraga, T., Dutt, V., & Gonzalez, C. (2012). Instance-based learning: A general model of repeated binary choice. Journal of Behavioral Decision Making, 25(2), 143–153.

    Google Scholar 

  31. Lejarraga, T., Dutt, V., & Gonzalez, C. (2010). Instance-based learning in repeated binary choice. Paper presented at the Society for Judgement and Decision Making, St. Louis, MO,

    Google Scholar 

  32. Lovett, M. C., Reder, L. M., & Lebiere, C. (1999). Modeling working memory in a unified architecture: An ACT-R perspective. In A. Miyake & P. Shah (Eds.), Models of working memory: Mechanisms of active maintenance and executive control (pp. 135–182). New York: Cambridge University Press.

    Google Scholar 

  33. Lye, K.-W., & Wing, J. M. (2005). Game strategies in network security. International Journal of Information Security, 4, 71–86.

    Google Scholar 

  34. March, J. G. (1996). Learning to be risk averse. Psychological Review, 103(2), 309–319.

    Google Scholar 

  35. Martin, J. M., Gonzalez, C., Juvina, I., & Lebiere, C. (2012). Awareness of interdependence, and its effects on cooperation. Unpublished manuscript under review.

    Google Scholar 

  36. Martin, M. K., Gonzalez, C., & Lebiere, C. (2004). Learning to make decisions in dynamic environments: ACT-R plays the beer game. In M. C. Lovett, C. D. Schunn, C. Lebiere & P. Munro (Eds.), Proceedings of the Sixth International Conference on Cognitive Modeling (Vol. 420, pp. 178–183). Pittsburgh, PA: Lawrence Erlbaum Associates Publishers.

    Google Scholar 

  37. McCumber, J. (2004). Assessing and managing security risk in IT systems: A structured methodology. Boca Raton: Auerbach Publication.

    Google Scholar 

  38. Rabin, M. (1993). Incorporating fairness into game theory and economics. The American Economic Review, 83(5), 1281–1302.

    Google Scholar 

  39. Rapoport, A. (1975). Research paradigms for studying dynamic decision behavior. In D. Wendt & C. Vlek (Eds.), Utility, probability, and human decision making (Vol. 11, pp. 349–375). Dordrecht, The Netherlands: Reidel.

    Google Scholar 

  40. Rapoport, A., & Chammah, A. M. (1965). Prisoner’s dilemma: A study in conflict and cooperation. Ann Arbor: University of Michigan Press.

    Google Scholar 

  41. Rapoport, A., & Mowshowitz, A. (1966). Experimental studies of stochastic models for the Prisoner’s dilemma. System Research and Behavioral Science, 11(6), 444–458.

    Google Scholar 

  42. Roberts, G. (1997). Testing mutualism: A commentary on Clements and Stephens. Animal Behaviour, 53(6), 1361–1362.

    Google Scholar 

  43. Roth, A. E., & Erev, I. (1995). Learning in extensive-form games: Experimental data and simple dynamic models in the intermediate term. Games and Economic Behavior, 8, 164–212.

    Google Scholar 

  44. Roy, S., Ellis, C., Shiva, S., Dasgupta, D., Shandilya, V., & Wu, Q. (2010). A survey of game theory as applied to network security. In J. Ralph H. Sprague (Ed.), Proceedings of the 43rd Hawaii International Conference on System Sciences. Los Alamitos, CA: IEEE. doi: 10.1109/HICSS.2010.35

    Google Scholar 

  45. Salter, C., Saydjari, O. S., Schneier, B., & Wallner, J. (1998). Toward a secure system engineering metholody. In B. Blakeley, D. Kienzle, M. E. Zurko, & S. J. Greenwald (Eds.), Proceedings of the 1998 Workshop on New Security Paradigms (pp. 2–10). New York: ACM

    Google Scholar 

  46. Shiva, S., Roy, S., & Dasgupta, D. (2010). Game theory for cyber security. In F. T. Sheldon, S. Prowell, R. K. Abercrombie & A. Krings (Eds.), Proceedings of the Sixth Annual Workshop on Cyber Security and Information Intelligence Research. New York: ACM. doi: 10.1145/1852666.1852704

    Google Scholar 

  47. Schuster, R. (2000). How useful is an individual perspective for explaining the control of social behavior? Behavioral and Brain Sciences, 23(2), 263–264.

    Google Scholar 

  48. Schuster, R., & Perelberg, A. (2004). Why cooperate? An economic perspective is not enough. Behavioural Processes, 66, 261–277.

    Google Scholar 

Download references

Acknowledgements

This research was a part of a Multidisciplinary University Research Initiative Award on Cyber Situation Awareness (MURI; #W911NF-09-1-0525) from Army Research Office to Cleotilde Gonzalez. We thank Hau-yu Wong for editing this manuscript.

Author information

Authors and Affiliations

  1. Dynamic Decision Making Laboratory, Department of Social and Decision Sciences, Carnegie Mellon University, Pittsburgh, PA, 15213, USA

    Cleotilde Gonzalez

Authors
  1. Cleotilde Gonzalez
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Cleotilde Gonzalez .

Editor information

Editors and Affiliations

  1. Center for Secure Information Systems, George Mason University, Fairfax, 22030-4444, Virginia, USA

    Sushil Jajodia

  2. Center for Secure Information Systems, George Mason University, University Drive, Fairfax, 22030-4422, Virginia, USA

    Anup K. Ghosh

  3. Inst. Advanced Computer Studies, Dept. Computer Science, University of Maryland, Paint Branch Dr, College Park, 20742, Maryland, USA

    V.S. Subrahmanian

  4. The MITRE Corporation, Colshire Drive 7515, McLean, 22102-7508, Virginia, USA

    Vipin Swarup

  5. Computing & Information Sci Div, Triangle Park, 27709-2211, North Carolina, USA

    Cliff Wang

  6. Fudan University, Shanghai, 200433, China, People's Republic

    X. Sean Wang

Rights and permissions

Reprints and permissions

Copyright information

© 2013 Springer Science+Business Media New York

About this paper

Cite this paper

Gonzalez, C. (2013). From Individual Decisions from Experience to Behavioral Game Theory: Lessons for Cybersecurity. In: Jajodia, S., Ghosh, A., Subrahmanian, V., Swarup, V., Wang, C., Wang, X. (eds) Moving Target Defense II. Advances in Information Security, vol 100. Springer, New York, NY. https://doi.org/10.1007/978-1-4614-5416-8_4

Download citation

  • DOI: https://doi.org/10.1007/978-1-4614-5416-8_4

  • Published:

  • Publisher Name: Springer, New York, NY

  • Print ISBN: 978-1-4614-5415-1

  • Online ISBN: 978-1-4614-5416-8

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation