GAME THEORETICAL APPROACH TO THE MODELING OF CONFLICTS IN INFORMATION SECURITY SYSTEMS
DOI:
https://doi.org/10.28925/2663-4023.2023.22.168178Keywords:
informational security; information conflicts; game-theoretic approach; player; maximin balance; Stackelberg balance; conflict management scenarioAbstract
The increase in the number and complexity of cyber threats forces us to study not only the technical aspects of cyber security, but also the social and interaction between participants in the digital space. The game-theoretic approach opens up opportunities for a deeper understanding of emerging conflicts and the development of effective management strategies to ensure cyber security. In this context, it is important to investigate how game theory can be applied to the analysis of conflicts in cyberspace and what practical conclusions can be drawn for the improvement of cyber security systems as a whole, which determined the relevance and importance of this work.
Based on the scientific literature, a review of various approaches to the application of game theory in information and cyber security systems was carried out. The main concepts of the concept of game theory are highlighted, such as player, strategy, winning and losing, which allows to structure and understand interactions in security systems. The most common types of games from the point of view of information security management are characterized: maximin equilibrium, Nash equilibrium, Pareto-optimal situations, Stackelberg equilibrium. A formal description of the game model in conflict conditions and a mechanism for applying game theory to modeling decisions in conflict situations in security systems have been developed. The subject area of the game of the conflict situation is presented for each of the “subject-subject” levels: the level of the individual (criminal — user); business level (internal and/or external violator — company manager); state level (violators/hackers — state institutions, state officials); the level of international relations (states, a group of subjects/hackers — institutions and/or political leaders of another state). Specific scenarios for managing conflict situations in security systems using a game-theoretic approach are proposed.
The results of the research can be used in the practice of solving conflict situations in organizations, serve for the development of software on this problem, and also as educational material for students of the specialty 125 Cybersecurity and information protection.
Downloads
References
Cavusoglu, H., & Zhang, J. (2008). Security Patch Management: Share the Burden or Share the Damage? Management Science, 54(4), 657–670.
Khalid, M., Al-Kadhimi, A., Singh, M. (2023). Recent Developments in Game-Theory Approaches for the Detection and Defense against Advanced Persistent Threats (APTs): A Systematic Review Mathematics, 11, 1353. https://doi.org/10.3390/math11061353
Shiyan, A. (2009) Game-theoretic analysis of rational human behavior and decision-making in the management of socio-economic systems. UNIVERSUM-Vinnytsia.
Buryachok, V., & Shiyan, A. (2014). Classification of technologies for informational and psychological influence on the process of rational human activity. Modern information protection, 1, 64–70.
Kolomiets, G. (2020). Application of game theory in taxation as a sphere of reconciliation of public and private interests. Bulletin of the Khmelnytskyi National University, 4(3), 202–205.
Ignatenko, O. (2017). Game-theoretic approach to the problem of network security. Programming problems, 3, 149–160.
Roy, S., et al. (2010). A Survey of Game Theory as Applied to Network Security, Proc. 43rd Hawaii International Conf. on Systems Sciences, 880–889.
Anwar, F., et al (2020). A Comprehensive Insight into Game Theory in relevance to Cyber Security. Indonesian Journal of Electrical Engineering and Informatics (IJEEI), 8, 189-203. https://doi.org/10.11591/ijeei.v8i1.1810
Ho E., et al. (2022). Game Theory in Defence Applications: A Review. Sensors, 22(3):1032. https://doi.org/10.3390/s22031032
Yevseiev, S., et al. (2020). Development and analysis of game-theoretical models of security systems agents interaction. Eastern-European Journal of Enterprise Technologies, 2, 15-29. https://doi.org/10.15587/1729-4061.2020.201418
D. Bauso. (2014). Game Theory: Models, Numerical Methods and Applications. Foundations and Trends in Systems and Control, 1(4), 379–522.
Kazimko, V. (2022). Application of game theory for modeling information security problems. Telecommunications and information technologies, 1(74). https://doi.org/10.31673/2412-4338.2022.011524
Akinwumi D., et al. (2017). A review of game theory approach to cyber security risk management. Nigerian Journal of Technology, 36(4). https://doi.org/10.4314/njt.v36i4.38
Shevchenko, S., Skladanniy, P., Negodenko, O., & Negodenko, V. (2022). Study of applied aspects of conflict theory in security systems. Cybersecurity: education, science, technology, 2(18), 150–162, https://doi.org/10.28925/2663-4023.2022.18.150162
Shevchenko S., et al. (2023). Conflict Analysis in the Information Security System: Subjct – Subject. CEUR Workshop Proceedings., 3421, 56-66. https://ceur-ws.org/Vol-3421/paper6.pdf
Borel, E. (1921). La théorie du jeu les équations intégrales á noyau symétrique. Comptes Rendus de l'Académie, 173, 1304–1308.
Mi, Y., et al. (2021). Optimal Network Defense Strategy Selection Method: A Stochastic Differential Game Model. Security and Communication Networks, 2021, 1–16. https://doi.org/10.1155/2021/5594697
Huang, S., et al. (2018). Markov differential game for network defense decision-making method. IEEE Access, 6, 39621–39634. https://ieeexplore.ieee.org/stamp/stamp.jsp?arnumber=8387766
Kumar, R. et al. (2018). Effective Analysis of Attack Trees: A Model-Driven Approach. Fundamental Approaches to Software Engineering. Lecture Notes in Computer Science, 10802. https://doi.org/10.1007/978-3-319-89363-1_4
Nguyen T., et al. (2018). Multistage Attack Graph Security Games: Heuristic Strategies, with Empirical Game-Theoretic Analysis. Security and Communication Networks, 2018. https://doi.org/10.1155/2018/2864873
Published
How to Cite
Issue
Section
License
Copyright (c) 2023 Світлана Шевченко , Юлія Жданова, Павло Складанний, Софія Бойко
This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.
