Data Driven Game Theoretic Cyber Threat Mitigation

Authors

  • John Robertson Arizona State University
  • Vivin Paliath Arizona State University
  • Jana Shakarian Arizona State University
  • Amanda Thart Arizona State University
  • Paulo Shakarian Arizona State University

DOI:

https://doi.org/10.1609/aaai.v30i2.19082

Abstract

Penetration testing is regarded as the gold-standard for understanding how well an organization can withstand sophisticated cyber-attacks. However, the recent prevalence of markets specializing in zero-day exploits on the darknet make exploits widely available to potential attackers. The cost associated with these sophisticated kits generally precludes penetration testers from simply obtaining such exploits – so an alternative approach is needed to understand what exploits an attacker will most likely purchase and how to defend against them. In this paper, we introduce a data-driven security game framework to model an attacker and provide policy recommendations to the defender. In addition to providing a formal framework and algorithms to develop strategies, we present experimental results from applying our framework, for various system configurations, on realworld exploit market data actively mined from the darknet.

2016 IAAI Proceedings Cover

Downloads

Published

2016-02-18

How to Cite

Robertson, J., Paliath, V., Shakarian, J., Thart, A., & Shakarian, P. (2016). Data Driven Game Theoretic Cyber Threat Mitigation. Proceedings of the AAAI Conference on Artificial Intelligence, 30(2), 4041-4046. https://doi.org/10.1609/aaai.v30i2.19082

Issue

Vol. 30 No. 2 (2016): The Twenty-Eighth Conference on Innovative Applications of Artificial Intelligence

Section

IAAI Emerging Application Papers