|title:||Cyber-attackers VS defenders: the game is on!|
|keywords:||Attack trees, Game theory|
|topics:||Algorithms and Data Structures , Dependability, security and performance , Logics and semantics|
Attack-defense diagrams are a useful way to represent the opposing forces marching on the battlefield of cyber-security: attackers have the aim of compromising a particular asset, while defenders need to protect that same asset. Attack steps and countermeasures can be deployed to further one's objectives, but at a cost. Optimal defense strategies need to be developed in order to allow a company to keep their data safe while still making a profit out of it.
We propose to study and expand the current game theoretical approaches applied in the field of cyber-security, with the intent of improving the efficiency of cyber-defense standards. We are particularly keen on investigating attack-defense trees where the defensive role goes further from its traditional "passive" aspect, and becomes proactive instead. The general idea is to recognize some suspicious behavior as an attack and stop it before it materializes.