Security Games with Layered Defenses: Adaptive Adversaries and Gittins Indices

Authors

  • Chun Kai Ling National University of Singapore
  • Jakub Černý Columbia University
  • Chin Hui Han DSO National Laboratories
  • Garud Iyengar Columbia University
  • Christian Kroer Columbia University

DOI:

https://doi.org/10.1609/aaai.v40i20.38761

Abstract

Real-world security applications (e.g., cybersecurity) often involve multiple attack paths, each with layers of defenses that an attacker needs to sequentially overcome before a successful attack on the entire system. Each defensive resource changes dynamically in efficacy as the attack unfolds. In this paper, we study the case where attackers are adaptive, potentially switching paths over time in response to these changes with the goal to minimize the expected time until a successful attack. We formalize this as a min-max game and give examples where adaptive attackers are more powerful than non-adaptive ones. We show that defenses that do not account for adaptivity can perform arbitrarily worse. A connection between the attacker's optimal strategy with the classical theory of multi-armed bandits and the Gittins index is made, yielding a simple gradient based algorithm to solve our proposed min-max game. Experiments on synthetic settings validate our approach.
AAAI-26 / IAAI-26 / EAAI-26 Proceedings Cover

Downloads

Published

2026-03-14

How to Cite

Ling, C. K., Černý, J., Han, C. H., Iyengar, G., & Kroer, C. (2026). Security Games with Layered Defenses: Adaptive Adversaries and Gittins Indices. Proceedings of the AAAI Conference on Artificial Intelligence, 40(20), 17120–17128. https://doi.org/10.1609/aaai.v40i20.38761

Issue

Vol. 40 No. 20: AAAI-26 Technical Tracks 20

Section

AAAI Technical Track on Game Theory and Economic Paradigms