Strategic Games on Defense Trees
In this paper we use defense trees, an extension of attack trees with countermeasures, to represent attack scenarios, and game theory to identify the most promising actions of attacker and defender. On one side the attacker wants to break the system (with as little effort as possible); on the other side the defender wants to protect it (sustaining the minimum cost).
As utility functions for the defender and for the attacker we consider economic indexes, namely the Return on Investment (ROI) and the Return on Attack (ROA). We show how our approach can be used to evaluate the effectiveness and economic profitability of countermeasures as well as their deterrent effect on attackers, thus providing decision makers with a useful tool for better evaluating IT security investments during the risk management process.
Keywords: Security, Risk Analysis, Game Theory
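The strategic game the abstract describes, as an added worked example that is not the paper's own code or model: a two-leaf defense tree, payoffs computed as ROI for the defender and ROA for the attacker, and a search for pure-strategy Nash equilibria. The tree, costs, success probabilities and mitigation fractions are constructed for illustration. The ROI and ROA formulas (loss avoided minus investment cost, over investment cost; expected gain after mitigation minus attack cost, over attack cost), the value 0 for "invest nothing" and "do not attack", and the rule for combining independent countermeasures are assumptions in the spirit of the ROSI/ROA literature, not the paper's definitions.

```python
"""Strategic game on a small defense tree (added example; constructed data,
not the paper's model).  The attacker picks one attack leaf (or stays out),
the defender picks a set of countermeasures; payoffs are ROA and ROI."""
from dataclasses import dataclass
from itertools import combinations
from math import prod


@dataclass(frozen=True)
class AttackLeaf:
    name: str
    cost: float        # attacker's cost to mount the attack
    loss: float        # defender's single loss (= attacker's gain) if it succeeds
    p_success: float   # yearly success probability with no countermeasure deployed


@dataclass(frozen=True)
class Countermeasure:
    name: str
    cost: float        # defender's yearly cost of the investment (CSI)
    mitigation: tuple  # ((attack leaf name, fraction of risk mitigated RM), ...)


# Constructed defense tree: goal "steal customer data" = OR of two leaves,
# each leaf with one countermeasure attached.  All numbers are illustrative.
ATTACKS = (
    AttackLeaf("phishing", cost=200.0, loss=40000.0, p_success=0.25),
    AttackLeaf("exploit_unpatched_server", cost=1500.0, loss=50000.0, p_success=0.05),
)
COUNTERMEASURES = (
    Countermeasure("training", cost=3000.0, mitigation=(("phishing", 0.6),)),
    Countermeasure("patching", cost=2000.0, mitigation=(("exploit_unpatched_server", 0.9),)),
)


def ale(leaf):
    """Annual loss expectancy of a leaf with nothing deployed."""
    return leaf.loss * leaf.p_success


def defender_strategies(cms=COUNTERMEASURES):
    """Every subset of countermeasures; the empty set means 'invest nothing'."""
    return [frozenset(c) for r in range(len(cms) + 1) for c in combinations(cms, r)]


def attacker_strategies(attacks=ATTACKS):
    """Each attack leaf, plus None for 'do not attack' (payoff 0)."""
    return list(attacks) + [None]


def risk_mitigated(strategy, leaf):
    """RM of a set of countermeasures, assumed independent: 1 - prod(1 - RM_i)."""
    rms = [dict(c.mitigation).get(leaf.name, 0.0) for c in strategy]
    return 1.0 - prod(1.0 - rm for rm in rms)


def roa(strategy, leaf):
    """Return on Attack (assumed form): (expected gain after mitigation - cost) / cost."""
    if leaf is None:
        return 0.0
    gain = ale(leaf) * (1.0 - risk_mitigated(strategy, leaf))
    return (gain - leaf.cost) / leaf.cost


def roi(strategy, leaf):
    """Return on Investment (assumed form): (loss avoided - CSI) / CSI; 0 with no CSI."""
    csi = sum(c.cost for c in strategy)
    if csi == 0.0:
        return 0.0
    if leaf is None:          # attacker stays out: the investment avoids no loss
        return -1.0
    return (ale(leaf) * risk_mitigated(strategy, leaf) - csi) / csi


def name_of(strategy):
    """Readable label for a defender set, an attack leaf, or None."""
    if strategy is None:
        return "no_attack"
    if isinstance(strategy, frozenset):
        return "+".join(sorted(c.name for c in strategy)) or "none"
    return strategy.name


def payoff_matrix(attacks=ATTACKS, cms=COUNTERMEASURES):
    """{(defender strategy, attacker strategy): (ROI, ROA)} over the whole game."""
    return {(d, a): (roi(d, a), roa(d, a))
            for d in defender_strategies(cms) for a in attacker_strategies(attacks)}


def pure_nash_equilibria(matrix):
    """Profiles where neither player can gain by deviating alone."""
    ds = {d for d, _ in matrix}
    as_ = {a for _, a in matrix}
    return [(d, a) for (d, a), (u_def, u_att) in matrix.items()
            if all(matrix[(d2, a)][0] <= u_def for d2 in ds)
            and all(matrix[(d, a2)][1] <= u_att for a2 in as_)]


def deterred_attacks(strategy, attacks=ATTACKS):
    """Leaves the attacker prefers not to run under this defense (ROA < 0)."""
    return [a.name for a in attacks if roa(strategy, a) < 0.0]


if __name__ == "__main__":
    m = payoff_matrix()
    for (d, a), (u_def, u_att) in m.items():
        print(f"{name_of(d):18} vs {name_of(a):24} ROI={u_def:7.3f}  ROA={u_att:7.3f}")
    for d, a in pure_nash_equilibria(m):
        print("pure Nash equilibrium:", name_of(d), "/", name_of(a))
    for d in defender_strategies():
        print(f"deterred under {name_of(d)}: {deterred_attacks(d)}")
```

On these constructed numbers the game has a single pure equilibrium, training against phishing (ROI 1.0, ROA 19.0): training makes phishing less profitable but does not deter it, since its ROA stays positive. Patching does deter the server exploit (its ROA turns negative), but the attacker never chooses that leaf, so at the equilibrium the patching investment has ROI -1. Judging each countermeasure at the equilibrium, rather than leaf by leaf, is the kind of conclusion a plain per-countermeasure ROI ranking would not show.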