Printed from https://ideas.repec.org/a/gam/jmathe/v11y2023i6p1353-d1093641.html

Recent Developments in Game-Theory Approaches for the Detection and Defense against Advanced Persistent Threats (APTs): A Systematic Review

Author

Listed:
  • Mohd Nor Akmal Khalid

    (School of Information Science, Japan Advanced Institute of Science and Technology, 1-1 Asahidai, Nomi 923-1211, Japan
    School of Computer Sciences, Universiti Sains Malaysia, Georgetown 11800, Malaysia
    These authors contributed equally to this work.)

  • Amjed Ahmed Al-Kadhimi

    (School of Computer Sciences, Universiti Sains Malaysia, Georgetown 11800, Malaysia
    These authors contributed equally to this work.)

  • Manmeet Mahinderjit Singh

    (School of Computer Sciences, Universiti Sains Malaysia, Georgetown 11800, Malaysia
    These authors contributed equally to this work.)

Abstract

Cybersecurity has become a prominent issue in regard to ensuring information privacy and integrity in the internet age particularly with the rise of interconnected devices. However, advanced persistent threats (APTs) pose a significant danger to the current contemporary way of life, and effective APT detection and defense are vital. Game theory is one of the most sought-after approaches adopted against APTs, providing a framework for understanding and analyzing the strategic interactions between attackers and defenders. However, what are the most recent developments in game theory frameworks against APTs, and what approaches and contexts are applied in game theory frameworks to address APTs? In this systematic literature review, 48 articles published between 2017 and 2022 in various journals were extracted and analyzed according to PRISMA procedures and our formulated research questions. This review found that game-theory approaches have been optimized for the defensive performance of security measures and implemented to anticipate and prepare for countermeasures. Many have been designed as part of incentive-compatible and welfare-maximizing contracts and then applied to cyber–physical systems, social networks, and transportation systems, among others. The trends indicate that game theory provides the means to analyze and understand complex security scenarios based on technological advances, changes in the threat landscape, and the emergence of new trends in cyber-crime. In this study, new opportunities and challenges against APTs are outlined, such as the ways in which tactics and techniques to bypass defenses are likely to evolve in order to evade detection, and we focused on specific industries and sectors of high interest or value (e.g., healthcare, finance, critical infrastructure, and the government).

Suggested Citation

  • Mohd Nor Akmal Khalid & Amjed Ahmed Al-Kadhimi & Manmeet Mahinderjit Singh, 2023. "Recent Developments in Game-Theory Approaches for the Detection and Defense against Advanced Persistent Threats (APTs): A Systematic Review," Mathematics, MDPI, vol. 11(6), pages 1-34, March.
  • Handle: RePEc:gam:jmathe:v:11:y:2023:i:6:p:1353-:d:1093641

    Download full text from publisher

    File URL: https://www.mdpi.com/2227-7390/11/6/1353/pdf
    Download Restriction: no

    File URL: https://www.mdpi.com/2227-7390/11/6/1353/
    Download Restriction: no

    References listed on IDEAS

    1. Boldizsár Bencsáth & Gábor Pék & Levente Buttyán & Márk Félegyházi, 2012. "The Cousins of Stuxnet: Duqu, Flame, and Gauss," Future Internet, MDPI, vol. 4(4), pages 1-33, November.
    2. Kumar, Rajesh & Kela, Rohan & Singh, Siddhant & Trujillo-Rasua, Rolando, 2022. "APT attacks on industrial control systems: A tale of three incidents," International Journal of Critical Infrastructure Protection, Elsevier, vol. 37(C).

    Citations


    Cited by:

    1. Mathew Nicho & Christopher D. McDermott & Hussein Fakhry & Shini Girija, 2023. "A System Dynamics Approach to Evaluate Advanced Persistent Threat Vectors," International Journal of Information Security and Privacy (IJISP), IGI Global, vol. 17(1), pages 1-23, January.

    Most related items

    These are the items that most often cite the same works as this one and are cited by the same works as this one.
    1. Rudra P. Baksi & Shambhu J. Upadhyaya, 2021. "Decepticon: a Theoretical Framework to Counter Advanced Persistent Threats," Information Systems Frontiers, Springer, vol. 23(4), pages 897-913, August.
    2. Kumar, Rajesh & Kela, Rohan & Singh, Siddhant & Trujillo-Rasua, Rolando, 2022. "APT attacks on industrial control systems: A tale of three incidents," International Journal of Critical Infrastructure Protection, Elsevier, vol. 37(C).
