IDEAS home Printed from https://ideas.repec.org/a/eee/ejores/v306y2023i3p1399-1416.html
   My bibliography  Save this article

Cyber deterrence with imperfect attribution and unverifiable signaling

Author

Listed:
  • Welburn, Jonathan
  • Grana, Justin
  • Schwindt, Karen

Abstract

Motivated by the asymmetric information inherent to cyberwarfare, we examine a game of deterrence between an attacker and a defender in which the defender can signal its retaliatory capability but can only imperfectly attribute an attack. We show that there are equilibria in which the defender sends noisy signals to increase its expected payoff. In some equilibria, the defender can use signaling to deter an attacker and increase its payoff. In a different and somewhat counter-intuitive equilibrium, the defender can increase its expected payoff through signaling by luring the attacker to attack more.

Suggested Citation

  • Welburn, Jonathan & Grana, Justin & Schwindt, Karen, 2023. "Cyber deterrence with imperfect attribution and unverifiable signaling," European Journal of Operational Research, Elsevier, vol. 306(3), pages 1399-1416.
  • Handle: RePEc:eee:ejores:v:306:y:2023:i:3:p:1399-1416
    DOI: 10.1016/j.ejor.2022.07.021
    as

    Download full text from publisher

    File URL: http://www.sciencedirect.com/science/article/pii/S0377221722005732
    Download Restriction: Full text for ScienceDirect subscribers only

    File URL: https://libkey.io/10.1016/j.ejor.2022.07.021?utm_source=ideas
    LibKey link: if access is restricted and if your library uses this service, LibKey will redirect you to where you can use your library subscription to access this item
    ---><---

    As the access to this document is restricted, you may want to search for a different version of it.

    References listed on IDEAS

    as
    1. Konrad, Kai A., 2020. "Attacking and defending multiple valuable secrets in a big data world," European Journal of Operational Research, Elsevier, vol. 280(3), pages 1122-1129.
    2. Emir Kamenica & Matthew Gentzkow, 2011. "Bayesian Persuasion," American Economic Review, American Economic Association, vol. 101(6), pages 2590-2615, October.
    3. Liang, Liang & Chen, Jingxian & Siqueira, Kevin, 2020. "Revenge or continued attack and defense in defender–attacker conflicts," European Journal of Operational Research, Elsevier, vol. 287(3), pages 1180-1190.
    4. Zhuang, Jun & Bier, Vicki M. & Alagoz, Oguzhan, 2010. "Modeling secrecy and deception in a multiple-period attacker-defender signaling game," European Journal of Operational Research, Elsevier, vol. 203(2), pages 409-418, June.
    5. Solak, Senay & Zhuo, Yueran, 2020. "Optimal policies for information sharing in information system security," European Journal of Operational Research, Elsevier, vol. 284(3), pages 934-950.
    6. Jesse C. Johnson & Brett Ashley Leeds & Ahra Wu, 2015. "Capability, Credibility, and Extended General Deterrence," International Interactions, Taylor & Francis Journals, vol. 41(2), pages 309-336, March.
    7. Levitin, Gregory & Hausken, Kjell, 2009. "False targets efficiency in defense strategy," European Journal of Operational Research, Elsevier, vol. 194(1), pages 155-162, April.
    8. Baliga, Sandeep & Bueno De Mesquita, Ethan & Wolitzky, Alexander, 2020. "Deterrence with Imperfect Attribution," American Political Science Review, Cambridge University Press, vol. 114(4), pages 1155-1178, November.
    9. Cheung, Kam-Fung & Bell, Michael G.H., 2021. "Attacker–defender model against quantal response adversaries for cyber security in logistics management: An introductory study," European Journal of Operational Research, Elsevier, vol. 291(2), pages 471-481.
    10. Simon, Jay & Omar, Ayman, 2020. "Cybersecurity investments in the supply chain: Coordination and a strategic attacker," European Journal of Operational Research, Elsevier, vol. 282(1), pages 161-171.
    11. Vladislav SARAN, 2016. "Media Manipulation And Psychological War In Ukraine And The Republic Of Moldova," CES Working Papers, Centre for European Studies, Alexandru Ioan Cuza University, vol. 8(4), pages 738-752, December.
    Full references (including those not matched with items on IDEAS)

    Citations

    Citations are extracted by the CitEc Project, subscribe to its RSS feed for this item.
    as


    Cited by:

    1. Hausken, Kjell, 2024. "Fifty Years of Operations Research in Defense," European Journal of Operational Research, Elsevier, vol. 318(2), pages 355-368.
    2. Dacorogna, Michel & Debbabi, Nehla & Kratz, Marie, 2023. "Building up cyber resilience by better grasping cyber risk via a new algorithm for modelling heavy-tailed data," European Journal of Operational Research, Elsevier, vol. 311(2), pages 708-729.

    Most related items

    These are the items that most often cite the same works as this one and are cited by the same works as this one.
    1. Hausken, Kjell, 2024. "Fifty Years of Operations Research in Defense," European Journal of Operational Research, Elsevier, vol. 318(2), pages 355-368.
    2. Hunt, Kyle & Zhuang, Jun, 2024. "A review of attacker-defender games: Current state and paths forward," European Journal of Operational Research, Elsevier, vol. 313(2), pages 401-417.
    3. Kjell Hausken & Jonathan W. Welburn & Jun Zhuang, 2024. "A Review of Attacker–Defender Games and Cyber Security," Games, MDPI, vol. 15(4), pages 1-27, August.
    4. Nicola Dimitri, 2020. "Skills, Efficiency, and Timing in a Simple Attack and Defense Model," Decision Analysis, INFORMS, vol. 17(3), pages 227-234, September.
    5. Qingqing Zhai & Rui Peng & Jun Zhuang, 2020. "Defender–Attacker Games with Asymmetric Player Utilities," Risk Analysis, John Wiley & Sons, vol. 40(2), pages 408-420, February.
    6. Kjell Hausken, 2014. "Choosing what to protect when attacker resources and asset valuations are uncertain," Operations Research and Decisions, Wroclaw University of Science and Technology, Faculty of Management, vol. 24(3), pages 23-44.
    7. Levitin, Gregory & Hausken, Kjell, 2013. "Is it wise to leave some false targets unprotected?," Reliability Engineering and System Safety, Elsevier, vol. 112(C), pages 176-186.
    8. Shan, Xiaojun & Zhuang, Jun, 2018. "Modeling cumulative defensive resource allocation against a strategic attacker in a multi-period multi-target sequential game," Reliability Engineering and System Safety, Elsevier, vol. 179(C), pages 12-26.
    9. Ye, Zhi-Sheng & Peng, Rui & Wang, Wenbin, 2017. "Defense and attack of performance-sharing common bus systemsAuthor-Name: Zhai, Qingqing," European Journal of Operational Research, Elsevier, vol. 256(3), pages 962-975.
    10. Zhang, Xiaoxiong & Ding, Song & Ge, Bingfeng & Xia, Boyuan & Pedrycz, Witold, 2021. "Resource allocation among multiple targets for a defender-attacker game with false targets consideration," Reliability Engineering and System Safety, Elsevier, vol. 211(C).
    11. Bagchi, Aniruddha & Paul, Jomon A., 2021. "National security vs. human rights: A game theoretic analysis of the tension between these objectives," European Journal of Operational Research, Elsevier, vol. 290(2), pages 790-805.
    12. Zhang, Xiaoyu & Xu, Maochao & Su, Jianxi & Zhao, Peng, 2023. "Structural models for fog computing based internet of things architectures with insurance and risk management applications," European Journal of Operational Research, Elsevier, vol. 305(3), pages 1273-1291.
    13. Mohammad E. Nikoofal & Jun Zhuang, 2012. "Robust Allocation of a Defensive Budget Considering an Attacker's Private Information," Risk Analysis, John Wiley & Sons, vol. 32(5), pages 930-943, May.
    14. Simeon Schudy & Verena Utikal, 2015. "Does imperfect data privacy stop people from collecting personal health data?," TWI Research Paper Series 98, Thurgauer Wirtschaftsinstitut, Universität Konstanz.
    15. Koessler, Frederic & Laclau, Marie & Renault, Jérôme & Tomala, Tristan, 2022. "Long information design," Theoretical Economics, Econometric Society, vol. 17(2), May.
    16. Zhang, Chi & Ramirez-Marquez, José Emmanuel & Wang, Jianhui, 2015. "Critical infrastructure protection using secrecy – A discrete simultaneous game," European Journal of Operational Research, Elsevier, vol. 242(1), pages 212-221.
    17. Eduardo Perez-Richet, 2014. "Interim Bayesian Persuasion: First Steps," American Economic Review, American Economic Association, vol. 104(5), pages 469-474, May.
    18. Li, Fei & Song, Yangbo & Zhao, Mofei, 2023. "Global manipulation by local obfuscation," Journal of Economic Theory, Elsevier, vol. 207(C).
    19. Redlicki, B., 2017. "Spreading Lies," Cambridge Working Papers in Economics 1747, Faculty of Economics, University of Cambridge.
    20. Alp Atakan & Mehmet Ekmekci & Ludovic Renou, 2021. "Cross-verification and Persuasive Cheap Talk," Papers 2102.13562, arXiv.org, revised Apr 2021.

    Corrections

    All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:eee:ejores:v:306:y:2023:i:3:p:1399-1416. See general information about how to correct material in RePEc.

    If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.

    If CitEc recognized a bibliographic reference but did not link an item in RePEc to it, you can help with this form .

    If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.

    For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: Catherine Liu (email available below). General contact details of provider: http://www.elsevier.com/locate/eor .

    Please note that corrections may take a couple of weeks to filter through the various RePEc services.

    IDEAS is a RePEc service. RePEc uses bibliographic data supplied by the respective publishers.