On the value of exposure and secrecy of defense system: First-mover advantage vs. robustness

Nikoofal, Mohammad E.; Zhuang, Jun

doi:10.1016/j.ejor.2015.04.043

Cited by 42 publications

(24 citation statements)

References 50 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…with one defender and N attackers. The defender is assumed to act first, specifying the defense effort d to leverage the first‐mover advantage suggested by Nikoofal and Zhuang () and Zhuang and Bier (), though Nikoofal and Zhuang () point out that disclosure of the defense information may not always be beneficial to the defender. Then, all the attackers move simultaneously based on d .…”

Section: Multiple Attackers Modelmentioning

confidence: 99%

A Study on a Sequential One‐Defender‐N‐Attacker Game

Xu¹,

Zhuang²

2019

Risk Analysis

Self Cite

View full text Add to dashboard Cite

Government usually faces threat from multiple attackers. However, in the literature, researchers often model attackers as one monolithic player who chooses whether to attack, how much investment to spend, and on which target, instead of treating multiple attackers as independent agents. This modeling strategy may potentially cause suboptimal defense investment if the attackers have vastly different interests and preferences and may not be combined as one in theory. In this article, we develop a sequential game with complete information. This model considers one defender explicitly dealing with multiple unmergeable attackers. Thorough numerical experiments are conducted using ratio and exponential contest success functions under different scenarios. The result is also contrasted with the corresponding single attacker model to study the effect of mishandling multiple attackers. The propositions and observations drawn from the numerical experiments provide insights for government decision making with a better understanding of the attackers' behavior.

show abstract

Section: Multiple Attackers Modelmentioning

confidence: 99%

A Study on a Sequential One‐Defender‐N‐Attacker Game

Xu¹,

Zhuang²

2019

Risk Analysis

Self Cite

View full text Add to dashboard Cite

show abstract

“…Analogous, participation cost‐related factors were investigated by Tosh et al Ghose and Hausken modeled relationships between attackers carrying out an attack against an enterprise to investigate the incentives for and the optimal level of sharing the information about the company's vulnerabilities. Nikoofal and Zhuang, Zhuang et al, Zhuang and Bier, and Dighe et al applied game theory to determine the role of sharing cybersecurity information in cyberdefense strategies. Another approach was adopted by Sedenberg and Mulligan who analyzed public health care as a model that enabled identifying guiding principles for cybersecurity IS.…”

Section: Related Workmentioning

confidence: 99%

Threat intelligence platform for the energy sector

Wróbel

2019

Softw Pract Exp

View full text Add to dashboard Cite

In recent years, critical infrastructures and power systems in particular have been subjected to sophisticated cyberthreats, including targeted attacks and advanced persistent threats. A promising response to this challenging situation is building up enhanced threat intelligence (TI) that interlinks information sharing and fine-grained situation awareness. In this paper, a framework that integrates all levels of TI, ie, strategic, tactical, operational, and technical, is presented. The platform implements the centralized model of information exchange with peer-to-peer interactions between partners as an option. Several supportive solutions were introduced, including anonymity mechanisms or data processing and correlation algorithms. A data model that enables communication of cyberincident information, both in natural language and machine-readable formats, was defined. Similarly, security requirements for critical components were devised. A pilot implementation of the platform was developed and deployed in the operational environment, which enabled practical evaluation of the design. Also, the security of the anonymity architecture was analyzed.

show abstract

“…(2010), and Dighe et al . (2009) apply game theory to model strategies of the defender's secrecy and deception strategies in attacker–defender games with incomplete information . The strategic interactions among stakeholders are rather essential in the practice.…”

Section: Current Information Sharing Architecturesmentioning

confidence: 99%

Perspectives on Cybersecurity Information Sharing among Multiple Stakeholders Using a Decision‐Theoretic Approach

Devine

Zhuang

2017

Risk Analysis

Self Cite

View full text Add to dashboard Cite

The government, private sectors, and others users of the Internet are increasingly faced with the risk of cyber incidents. Damage to computer systems and theft of sensitive data caused by cyber attacks have the potential to result in lasting harm to entities under attack, or to society as a whole. The effects of cyber attacks are not always obvious, and detecting them is not a simple proposition. As the U.S. federal government believes that information sharing on cybersecurity issues among organizations is essential to safety, security, and resilience, the importance of trusted information exchange has been emphasized to support public and private decision making by encouraging the creation of the Information Sharing and Analysis Center (ISAC). Through a decision-theoretic approach, this article provides new perspectives on ISAC, and the advent of the new Information Sharing and Analysis Organizations (ISAOs), which are intended to provide similar benefits to organizations that cannot fit easily into the ISAC structure. To help understand the processes of information sharing against cyber threats, this article illustrates 15 representative information sharing structures between ISAC, government, and other participating entities, and provide discussions on the strategic interactions between different stakeholders. This article also identifies the costs of information sharing and information security borne by different parties in this public-private partnership both before and after cyber attacks, as well as the two main benefits. This article provides perspectives on the mechanism of information sharing and some detailed cost-benefit analysis.

show abstract

On the value of exposure and secrecy of defense system: First-mover advantage vs. robustness

Cited by 42 publications

References 50 publications

A Study on a Sequential One‐Defender‐N‐Attacker Game

A Study on a Sequential One‐Defender‐N‐Attacker Game

Threat intelligence platform for the energy sector

Perspectives on Cybersecurity Information Sharing among Multiple Stakeholders Using a Decision‐Theoretic Approach

Contact Info

Product

Resources

About