Papers
Topics
Authors
Recent
Gemini 2.5 Flash
Gemini 2.5 Flash
149 tokens/sec
GPT-4o
7 tokens/sec
Gemini 2.5 Pro Pro
45 tokens/sec
o3 Pro
4 tokens/sec
GPT-4.1 Pro
38 tokens/sec
DeepSeek R1 via Azure Pro
28 tokens/sec
2000 character limit reached

Adversarial Knapsack and Secondary Effects of Common Information for Cyber Operations (2403.10789v1)

Published 16 Mar 2024 in cs.CR

Abstract: Variations of the Flip-It game have been applied to model network cyber operations. While Flip-It can accurately express uncertainty and loss of control, it imposes no essential resource constraints for operations. Capture the flag (CTF) style competitive games, such as Flip-It , entail uncertainties and loss of control, but also impose realistic constraints on resource use. As such, they bear a closer resemblance to actual cyber operations. We formalize a dynamical network control game for CTF competitions and detail the static game for each time step. The static game can be reformulated as instances of a novel optimization problem called Adversarial Knapsack (AK) or Dueling Knapsack (DK) when there are only two players. We define the Adversarial Knapsack optimization problems as a system of interacting Weighted Knapsack problems, and illustrate its applications to general scenarios involving multiple agents with conflicting optimization goals, e.g., cyber operations and CTF games in particular. Common awareness of the scenario, rewards, and costs will set the stage for a non-cooperative game. Critically, rational players may second guess that their AK solution -- with a better response and higher reward -- is possible if opponents predictably play their AK optimal solutions. Thus, secondary reasoning which such as belief modeling of opponents play can be anticipated for rational players and will introduce a type of non-stability where players maneuver for slight reward differentials. To analyze this, we provide the best-response algorithms and simulation software to consider how rational agents may heuristically search for maneuvers. We further summarize insights offered by the game model by predicting that metrics such as Common Vulnerability Scoring System (CVSS) may intensify the secondary reasoning in cyber operations.

Definition Search Book Streamline Icon: https://streamlinehq.com
References (33)
  1. Common Vulnerability Scoreing System SIG. https://www.first.org/cvss/. Accessed: 2023-11-29.
  2. Nessus Vulnerabilty Scanner. https://www.tenable.com/products/nessus. Accessed: 2023-11-29.
  3. Open Vulnerability Assessment Scanner. https://www.openvas.org/. Accessed: 2023-11-29.
  4. Capture The Flag 101. CTF 101. https://www.ctf101.org, 2022.
  5. Random knapsack in expected polynomial time. Journal of Computer and System Sciences, 69(3):306–329, 2004.
  6. King of the hill: A novel cybersecurity competition for teaching penetration testing. In 2018 USENIX Workshop on Advances in Security Education (ASE 18), 2018.
  7. Cyber security via minority games with epistatic signaling. In Proceedings of the 8th international conference on bioinspired information and communications technologies, pages 133–140, 2014.
  8. Economics of security patch management. In Workshop on Economics of Information Security (WEIS 2006). Citeseer, 2006.
  9. Jump: A modeling language for mathematical optimization. SIAM Review, 59(2):295–320, 2017.
  10. Dynamic games in cyber-physical security: An overview. Dynamic Games and Applications, 9(4):884–913, 2019.
  11. A colonel blotto game for interdependence-aware cyber-physical systems security in smart cities. In Proceedings of the 2nd international workshop on science of smart city operations and platforms engineering, pages 7–12, 2017.
  12. Using CVSS in attack graphs. pages 59–66, 2011.
  13. Reducing attack surface by learning adversarial bag of tricks. In Workshop on Economics of Information Security (WEIS 2022), 2022.
  14. Reinforcement learning in flipit. arXiv preprint arXiv:2002.12909, 2020.
  15. A continuous colonel blotto game. Technical report, Rand Project Air Force Santa Monica Ca, 1950.
  16. A three-stage colonel blotto game with applications to cyberphysical security. In 2014 American Control Conference, pages 3820–3825. IEEE, 2014.
  17. Hack The Box. Hack The Box: Hacking Training For the Best. https://www.hackthebox.com, 2022.
  18. Enhancing vulnerability prioritization: Data-driven exploit predictions with community-driven insights. In 2023 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW), pages 194–206. IEEE, 2023.
  19. A colonel blotto game for anti-jamming in the internet of things. In 2015 IEEE global communications conference (GLOBECOM), pages 1–6. IEEE, 2015.
  20. Flipthem: Modeling targeted attacks with flipit for multiple resources. In International Conference on Decision and Game Theory for Security, pages 175–194. Springer, 2014.
  21. Flipit game model-based defense strategy against cyberattacks on scada systems considering insider assistance. IEEE Transactions on Information Forensics and Security, 16:2791–2804, 2021.
  22. Dale McMorrow. Science of cyber-security. Technical report, The MITRE Corporation, 2010.
  23. Hiding information and signatures in trapdoor knapsacks. IEEE transactions on Information Theory, 24(5):525–530, 1978.
  24. Defense against advanced persistent threats: A colonel blotto game approach. In 2017 IEEE international conference on communications (ICC), pages 1–6. IEEE, 2017.
  25. Vulnerability severity scoring and bounties: Why the disconnect? In Proceedings of the 2nd International Workshop on Software Analytics, pages 8–14, 2016.
  26. Qflip: An adaptive reinforcement learning strategy for the flipit security game. In International Conference on Decision and Game Theory for Security, pages 364–384. Springer, 2019.
  27. Battle ground: Data collection and labeling of ctf games to understand human cyber operators. In Proceedings of the 16th Cyber Security Experimentation and Test Workshop, pages 32–40, 2023.
  28. The heterogeneous colonel blotto game. In 2014 7th international conference on NETwork Games, COntrol and OPtimization (NetGCoop), pages 232–238. IEEE, 2014.
  29. Adi Shamir. A polynomial time algorithm for breaking the basic merkle-hellman cryptosystem. In 23rd Annual Symposium on Foundations of Computer Science (SFCS 1982), pages 145–152. IEEE, 1982.
  30. A concept for strategic cyber defense. In MILCOM 1999. IEEE Military Communications. Conference Proceedings (Cat. No. 99CH36341), volume 1, pages 458–463. IEEE, 1999.
  31. Flipit: The game of “stealthy takeover”. Journal of Cryptology, 26(4):655–713, 2013.
  32. Recent advances on filtering and control for cyber-physical systems under security and resource constraints. Journal of the Franklin Institute, 353(11):2451–2466, 2016.
  33. Stealthy attacks and observable defenses: A game theoretic model under strict resource constraints. In 2014 IEEE Global Conference on Signal and Information Processing (GlobalSIP), pages 813–817. IEEE, 2014.
Citations (1)
View on Semantic Scholar

Summary

We haven't generated a summary for this paper yet.

Ai Sparkles Streamline Icon: https://streamlinehq.com Summarize Now