In asymmetric war scenarios (e.g., counter-terrorism), the adversary usually invests a significant time to learn the system structure and identify vulnerable components, before launching attacks. Traditional game-theoretic defender-attacker models either ignore such learning periods or the entailed costs. This paper fills the gap by analyzing the strategic interactions of the terrorist’s costly learning and defender’s counter-learning and defense strategies in a game with private defender information. Our model allows six possible attacker strategies: (a) attack immediately; (b) learn and attack; (c) learn and not attack; (d) learn and attack when appearing vulnerable and not attack when appearing invulnerable; (e) learn and not attack when appearing vulnerable and attack when appearing invulnerable; and (f) not attack. Our results show that four of the six strategies (a, d, e, f) are possible at equilibrium and the other two (b, c) are strictly dominated. Interestingly, we find that the counterintuitive strategy (e) could be at equilibrium, especially when the probability that the target appears vulnerable given it is invulnerable is sufficiently high. Our results also show that the attacker’s learning cost has a significant impact on both the attacker’s best responses and the defender’s equilibrium deception and defense strategies. Finally, we study the attacker’s values of perfect information and imperfect information, which provide additional insights for defense and counter-learning strategies.
This is a preview of subscription content, access via your institution.
Buy single article
Instant access to the full article PDF.
Price excludes VAT (USA)
Tax calculation will be finalised during checkout.
This assumption is reasonable in many security scenarios (especially those involving new and less-than-fully tested technology), where even the defender could be uncertain about the system vulnerability (US Department of Homeland Security 2011).
For simplicity, we focus on binary attacker effort (i.e., attack or not attack). This might be relevant in some high-level strategic decision-making situations, concerning which targets are likely to be attacked (rather than the level of attack effort on each targets). However, we acknowledge that the attack effort may be different among attacked targets and future work could consider continuous-level attack.
Alpern, S., Morton, A., & Papadaki, K. (2011). Patrolling games. Operations Research, 59(5), 1246–1257.
Bier, V. M., & Haphuriwat, N. (2011). Analytical method to identify the number of containers to inspect at US ports to deter terrorist attacks. Annals of Operations Research, 187(1), 137–158.
Bier, V. M., Nagaraj, A., & Abhichandani, V. (2005). Protection of simple series and parallel systems with components of different values. Reliability Engineering and System Safety, 87(3), 315–323.
Bohme, R., & Moore, T. (2009). The iterated weakest link—a model of adaptive security investment. In Workshop on the economics of information security (WEIS), University College, London, UK. Available at http://weis09.infosecon.net/files/152/paper152.pdf. Accessed in August, 2014.
Brown, G., Carlyle, M., Diehl, D., Kline, J., & Wood, K. (2005). A two-sided optimization for theater ballistic missile defense. Operations Research, 53(5), 745–763.
CNN. (2010). Dutch arrest two men after flight from US Available at http://news.blogs.cnn.com/2010/08/30/two-men-arrested-at-amsterdam-airport/. Accessed in August, 2014.
Cobb, B. R., & Basuchoudhary, A. (2009). A decision analysis approach to solving the signaling game. Decision Analysis, 6(4), 239–255.
DePaulo, B. M., Wetzel, C., Sternglanz, R. W., & Wilson, M. J. W. (2003). Verbal and nonverbal dynamics of privacy, secrecy, and deceit. Journal of Social Issues, 59(2), 391–410.
Dutta, P. K. (1999). Strategies and games: Theory and practice. Cambridge, Massachusetts: MIT Press.
Global Terrorism Database. (2013). Available at http://www.start.umd.edu/gtd/search/IncidentSummary.aspx?gtdid=200911140007. Accessed in August, 2014.
Hausken, K., & Levitin, G. (2009). Protection vs. false targets in series systems. Reliability Engineering and System Safety, 94(5), 973–981.
Hausken, K., & Zhuang, J. (2011). Governments’ and terrorists’ defense and attack in a T-period game. Decision Analysis, 8(1), 46–70.
Hespanha, J. P., Ateskan, Y. S., & Kizilocak, H. H. (2000). Deception in non-cooperative games with partial information. In Proceedings of the 2nd DARPA-JFACC symposium on advances in enterprise control. Citeseer. Available at http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.158.4664&rep=rep1&type=pdf. Accessed in August, 2014.
Insua, D. R., Rios, J., & Banks, D. (2009). Adversarial risk analysis. Journal of the American Statistical Association, 104(486), 841–854.
Joint Chiefs of Staff. (1996). Joint doctrine for military deception. Joint Publication 3–13.4 Available at http://www.dtic.mil/doctrine/jel/new_pubs/jp3_13_4.pdf. Accessed in August, 2014.
Mail Online. (2010). Ink bomb defused ‘with 17 minutes to spare’: Device at UK airport was ready to explode. Available at http://www.dailymail.co.uk/news/article-1326552/Yemen-ink-bomb-defused-17-minutes-spare-Device-ready-explode.html. Accessed in August, 2014.
Mas-Colell, A., Whinston, M. D., & Green, J. R. (1995). Microeconomic theory. New York, NY: Oxford University Press.
National Commission on Terrorist Attacks Upon the United States. (2004). The 9/11 commission report: Final report of the national commission on terrorist attacks upon the United States. W. W. Norton and Company, New York, NY.
Powell, R. (2007). Allocating defensive resources with private information about vulnerability. The American Political Science Review, 101(4), 799–809.
Powell, R. (2009). Sequential, nonzero-sum “Blotto”: Allocating defensive resources prior to attack. Games and Economic Behavior, 67(2), 611–615.
Roberson, B. (2006). The colonel blotto game. Economic Theory, 29(1), 1–24.
Sandler, T., & Siqueira, K. (2006). Global terrorism: Deterrence versus pre-emption. Canadian Journal of Economics, 39(4), 1370–1387.
Schelling, T. C. (Ed.). (1966). Arms and influence. Yale University Press, New Haven, CT.
Shan, X., & Zhuang, J. (2013a). Cost of equity in homeland security resource allocation in the face of a strategic attacker. Risk Analysis, 33(6), 1083–1099.
Shan, X., & Zhuang, J. (2013b). Hybrid defensive resource allocations in the face of partially strategic attackers in a sequential defender-attacker game. European Journal of Operational Research, 228(1), 262–272.
Swire, P. P. (2001). What should be hidden and open in computer security: Lessons from deception, the art of war, law, and economic theory. ArXiv Computer Science e-prints cs/0109089.
US Department of Homeland Security. (2011). Risk management fundamentals—homeland security risk management doctrine. Available at http://www.dhs.gov/xlibrary/assets/rma-risk-management-fundamentals.pdf. Accessed in August, 2014.
Wang, C., & Bier, V. M. (2013). Expert elicitation of adversary preferences using ordinal judgments. Operations Research, 61(2), 372–385.
Zangwill, W. I., & Kantor, P. B. (1998). Toward a theory of continuous improvement and the learning curve. Management Science, 44(7), 910–920.
Zhuang, J. (2010). Impacts of subsidized security on stability and total social costs of equilibrium solutions in an n-player game with errors. The Engineering Economist, 55(2), 131–149.
Zhuang, J., & Bier, V. M. (2007). Balancing terrorism and natural disasters-defensive strategy with endogenous attacker effort. Operations Research, 55(5), 976–991.
Zhuang, J., & Bier, V. M. (2010). Reasons for secrecy and deception in homeland-security resource allocation. Risk Analysis, 30(12), 1737–1743.
Zhuang, J., & Bier, V. M. (2011). Secrecy and deception at equilibrium, with applications to anti-terrorism resource allocation. Defence and Peace Economics, 22(1), 43–61.
Zhuang, J., Bier, V. M., & Alagoz, O. (2010). Modeling secrecy and deception in a multiple-period attacker-defender signaling game. European Journal of Operational Research, 203(2), 409–418.
This research was partially supported by the United States Department of Homeland Security (DHS) through the National Center for Risk and Economic Analysis of Terrorism Events (CREATE) under award number 2010-ST-061-RE0001. This research was also patricianly supported by the United States National Science Foundation under award numbers 1200899 and 1334930. However, any opinions, findings, and conclusions or recommendations in this document are those of the authors and do not necessarily reflect views of the DHS, CREATE, or NSF.
Appendix: Definitions for the \(C_i(d,l),~i=1,\ldots ,12\)
Appendix: Definitions for the \(C_i(d,l),~i=1,\ldots ,12\)
About this article
Cite this article
Xu, J., Zhuang, J. Modeling costly learning and counter-learning in a defender-attacker game with private defender information. Ann Oper Res 236, 271–289 (2016). https://doi.org/10.1007/s10479-014-1722-3