Game-Theoretic Model and Experimental Investigation of Cyber Wargaming
This provides a decision-making tool for cyber wargaming teams, particularly in military contexts, but it is incremental as it adapts existing game-theoretic methods to a specific domain.
The paper tackles the problem of assisting cyber wargaming teams in strategy identification by applying game-theoretic calculations to model attacker-defender interactions in defense-in-depth scenarios, resulting in the development of payoff and penetration probability matrices that help deduce preferred strategies based on equilibrium solutions.
We demonstrate that game-theoretic calculations serve as a useful tool for assisting cyber wargaming teams in identifying useful strategies. We note a significant similarity between formulating cyber wargaming strategies and the methodology known in military practice as Course of Action (COA) generation. For scenarios in which the attacker must penetrate multiple layers in a defense-in-depth security configuration, an accounting of attacker and defender costs and penetration probabilities provides cost-utility payoff matrices and penetration probability matrices. These can be used as decision tools by both the defender and attacker. Inspection of the matrices allows players to deduce preferred strategies (or COAs) based on game-theoretical equilibrium solutions. The matrices also help in analyzing anticipated effects of potential human-based choices of wargame strategies and counter-strategies. We describe a mathematical game-theoretic formalism and offer detailed analysis of a table-top cyber wargame executed at the US Army Research Laboratory. Our analysis shows how game-theoretical calculations can provide an effective tool for decision-making during cyber wargames.