Towards a Multi-Agent Simulation of Cyber-attackers and Cyber-defenders Battles
It addresses the need for better simulation tools for cybersecurity professionals to test defense strategies against coordinated attacks, though it appears incremental in applying existing multi-agent methods to this domain.
This paper tackles the problem of simulating complex cyber-attacks and defenses by developing a multi-agent Markovian simulator to model battles between cyber-attacker and cyber-defender agents on network nodes, providing an experimental framework for assessing dynamic defense strategies in realistically inspired scenarios.
As cyber-attacks show to be more and more complex and coordinated, cyber-defenders strategy through multi-agent approaches could be key to tackle against cyber-attacks as close as entry points in a networked system. This paper presents a Markovian modeling and implementation through a simulator of fighting cyber-attacker agents and cyber-defender agents deployed on host network nodes. It aims to provide an experimental framework to implement realistically based coordinated cyber-attack scenarios while assessing cyber-defenders dynamic organizations. We abstracted network nodes by sets of properties including agents' ones. Actions applied by agents model how the network reacts depending in a given state and what properties are to change. Collective choice of the actions brings the whole environment closer or farther from respective cyber-attackers and cyber-defenders goals. Using the simulator, we implemented a realistically inspired scenario with several behavior implementation approaches for cyber-defenders and cyber-attackers.