IDEAS home Printed from https://ideas.repec.org/a/sae/joudef/v17y2020i1p21-38.html
   My bibliography  Save this article

The game-theoretic model and experimental investigation of cyber wargaming

Author

Listed:
  • Edward JM Colbert
  • Alexander Kott
  • Lawrence P Knachel

Abstract

We demonstrate that game-theoretic calculations serve as a useful tool for assisting cyber wargaming teams in identifying effective strategies. We note a significant similarity between formulating cyber wargaming strategies and the methodology known in the military practice as Course of Action (COA) generation. For scenarios in which the attacker must penetrate multiple layers in a defense-in-depth security configuration, an accounting of attacker and defender costs and penetration probabilities provides cost–utility payoff matrices and penetration probability matrices. These can be used as decision tools by both the defender and attacker. Inspection of the matrices allows players to deduce preferred strategies (COAs) based on game-theoretical equilibrium solutions. The matrices also help in analyzing the anticipated effects of potential human-based choices of wargame strategies and counter-strategies. We describe a mathematical game-theoretic formalism and offer detailed analysis of a cyber-physical table-top wargame executed at the US Army Research Laboratory. Our analysis shows how game-theoretical calculations can indeed provide a useful tool for effective decision-making during cyber wargames.

Suggested Citation

  • Edward JM Colbert & Alexander Kott & Lawrence P Knachel, 2020. "The game-theoretic model and experimental investigation of cyber wargaming," The Journal of Defense Modeling and Simulation, , vol. 17(1), pages 21-38, January.
    • Handle: RePEc:sae:joudef:v:17:y:2020:i:1:p:21-38
    DOI: 10.1177/1548512918795061
    as

    Download full text from publisher

    File URL: https://journals.sagepub.com/doi/10.1177/1548512918795061
    Download Restriction: no
    File URL: https://libkey.io/10.1177/1548512918795061?utm_source=ideas
    LibKey link: if access is restricted and if your library uses this service, LibKey will redirect you to where you can use your library subscription to access this item
    ---><---

    References listed on IDEAS

    as
    1. von Stengel, Bernhard & Zamir, Shmuel, 2010. "Leadership games with convex strategy sets," Games and Economic Behavior, Elsevier, vol. 69(2), pages 446-457, July.
    2. Kjell Hausken, 2002. "Probabilistic Risk Analysis and Game Theory," Risk Analysis, John Wiley & Sons, vol. 22(1), pages 17-27, February.
    Full references (including those not matched with items on IDEAS)

    Most related items

    These are the items that most often cite the same works as this one and are cited by the same works as this one.
    1. Chen, Shun & Zhao, Xudong & Chen, Zhilong & Hou, Benwei & Wu, Yipeng, 2022. "A game-theoretic method to optimize allocation of defensive resource to protect urban water treatment plants against physical attacks," International Journal of Critical Infrastructure Protection, Elsevier, vol. 36(C).
    2. Rabah Amir & Giuseppe Feo, 2014. "Endogenous timing in a mixed duopoly," International Journal of Game Theory, Springer;Game Theory Society, vol. 43(3), pages 629-658, August.
    3. Bose, Gautam & Konrad, Kai A., 2020. "Devil take the hindmost: Deflecting attacks to other defenders," Reliability Engineering and System Safety, Elsevier, vol. 204(C).
    4. Hausken, Kjell, 2024. "Fifty Years of Operations Research in Defense," European Journal of Operational Research, Elsevier, vol. 318(2), pages 355-368.
    5. Claus Dierksmeier, 2020. "From Jensen to Jensen: Mechanistic Management Education or Humanistic Management Learning?," Journal of Business Ethics, Springer, vol. 166(1), pages 73-87, September.
    6. Seyed Alireza Hasheminasab & Behrouz Tork Ladani, 2018. "Security Investment in Contagious Networks," Risk Analysis, John Wiley & Sons, vol. 38(8), pages 1559-1575, August.
    7. Levitin, Gregory & Hausken, Kjell, 2008. "Protection vs. redundancy in homogeneous parallel systems," Reliability Engineering and System Safety, Elsevier, vol. 93(10), pages 1444-1451.
    8. Sang-Hyun Kim & Brian Tomlin, 2013. "Guilt by Association: Strategic Failure Prevention and Recovery Capacity Investments," Management Science, INFORMS, vol. 59(7), pages 1631-1649, July.
    9. Daniel G. Arce & Dan Kovenock J. & Brian Roberson, 2009. "Suicide Terrorism and the Weakest Link," CESifo Working Paper Series 2753, CESifo.
    10. Zhao, Yunfei & Huang, Linan & Smidts, Carol & Zhu, Quanyan, 2020. "Finite-horizon semi-Markov game for time-sensitive attack response and probabilistic risk assessment in nuclear power plants," Reliability Engineering and System Safety, Elsevier, vol. 201(C).
    11. Andrew Samuel & Seth D. Guikema, 2012. "Resource Allocation for Homeland Defense: Dealing with the Team Effect," Decision Analysis, INFORMS, vol. 9(3), pages 238-252, September.
    12. Insua, Insua Rios & Rios, Jesus & Banks, David, 2009. "Adversarial Risk Analysis," Journal of the American Statistical Association, American Statistical Association, vol. 104(486), pages 841-854.
    13. Daniel G. Arce & Dan Kovenock & Brian Roberson, 2012. "Weakest‐link attacker‐defender games with multiple attack technologies," Naval Research Logistics (NRL), John Wiley & Sons, vol. 59(6), pages 457-469, September.
    14. Stefanos Leonardos & Costis Melolidakis, 2018. "On the Commitment Value and Commitment Optimal Strategies in Bimatrix Games," International Game Theory Review (IGTR), World Scientific Publishing Co. Pte. Ltd., vol. 20(03), pages 1-28, September.
    15. Zare Moayedi, Behzad & Azgomi, Mohammad Abdollahi, 2012. "A game theoretic framework for evaluation of the impacts of hackers diversity on security measures," Reliability Engineering and System Safety, Elsevier, vol. 99(C), pages 45-54.
    16. Shahin Shakibaei & Pelin Alpkokin, 2019. "Conflict Resolution in Competitive Liberalized Railway Market: Application of Game Theoretic Concepts," International Game Theory Review (IGTR), World Scientific Publishing Co. Pte. Ltd., vol. 22(01), pages 1-21, November.
    17. Kirchgässner, Gebhard, 2010. "On minimal morals," European Journal of Political Economy, Elsevier, vol. 26(3), pages 330-339, September.
    18. Hausken, Kjell, 2008. "Strategic defense and attack for reliability systems," Reliability Engineering and System Safety, Elsevier, vol. 93(11), pages 1740-1750.
    19. Kjell Hausken & Vicki M. Bier & Jun Zhuang, 2009. "Defending Against Terrorism, Natural Disaster, and All Hazards," International Series in Operations Research & Management Science, in: Vicki M. M. Bier & M. Naceur Azaiez (ed.), Game Theoretic Risk Analysis of Security Threats, chapter 4, pages 65-97, Springer.
    20. Namun Cho & Tae-Seok Jang, 2019. "Asset Market Volatility and New Keynesian Macroeconomics: A Game-Theoretic Approach," Computational Economics, Springer;Society for Computational Economics, vol. 54(1), pages 245-266, June.

    Corrections

    All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:sae:joudef:v:17:y:2020:i:1:p:21-38. See general information about how to correct material in RePEc.

    If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.

    If CitEc recognized a bibliographic reference but did not link an item in RePEc to it, you can help with this form .

    If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.

    For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: SAGE Publications (email available below). General contact details of provider: .

    Please note that corrections may take a couple of weeks to filter through the various RePEc services.

    IDEAS is a RePEc service. RePEc uses bibliographic data supplied by the respective publishers.