Abstract
Modeling and simulation provide many excellent benefits in preparation for successful cyber operations. Whether used for creating realistic training environments, testing new cyber warfare techniques, or predicting possible adversary actions, it is critical for such simulations to take into account the possibility of an active cyber adversary, able to adapt its plans to network conditions. Without realtime high fidelity modeling and simulation, training fails to address how to cope with intelligent and adaptive opponents, and operations become trial and error exercises rife with high-risk improvisation in situations where the adversary does not follow a well defined script. Unfortunately, current simulation techniques are insufficient to model adversaries capable of dynamic adjustment to changes in the simulation environment. Either adversary actions are completely pre-scripted, or live red teams are required to be on hand to tailor adversary actions to circumstances. In this paper, we present a technique for avoiding the prohibitive cost associated with requiring live red team participation during each use of a simulation environment while still providing the advantages dynamic adversary modeling provides. Our approach utilizes game theoretic techniques, using a new probability based search technique to curtail the search-space explosion issues that previous attempts in this area have encountered. This technique, entitled Partially-Serialized Probability Cutoff Search, also includes a new approach to modeling time, allowing modeling of anticipatory strategies and time-dependent attack techniques.
Chapter PDF
Similar content being viewed by others
Keywords
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
References
Tesauro, G.: Temporal Difference Learning and TD-Gammon. Communications of the ACM. 38(3), 58–68 (1995)
Body, M., Gohde, J., Haigh, T., Harp, S.: Course of Action Generation for Cyber Security Using Classical Planning. ICAPS. (2005)
Wang, L., Noel S., Jajodia, S.: Minimmum-Cost Network Hardening using Attach Graphs. Computer Communications. 29(18), 3812–3824 (2006)
Cone, B., Irvine, C., Thompson, M., Nguyen, T.: A Video Game for Cyber Security Training and Awareness. Computers and Security. 26(1), 63–72 (2007)
Katz, A., Butler, B.: ”Game Commander” - Applying an Architecture of Game Theory and Tree Lookahead to the Command and Control Process. Conference on AI, Simulation and Planning. (1994)
Winstron, P.: Artificial Intelligence. Addison-Wesley (1992)
Carmel, D.,Markovitch, S.: Learning and using Opponent Models in Adversary Search. Technical Report CIS9606. (1996)
Donkers, H. et al.: Implementing β-pruning Opponent-Model Search, Technical Report CS 00-05 IKAT, Universiteit Maastricht, Maastricht, The Netherlands. (2000)
Duda, R., Hart, P.: Pattern Classification and Scene Analysis. Wiley and Sons (1973)
Samuel, A.: Some studies in Machine Learning using the Game of Checkers.: IGM Journal of Research and Development 3(3), 211–229 (1959)
Tesauro, G.: TD-Gammon, a Self-Teaching Backgammon Program, reaches master-level play.: Neural Computation 6(2), 215–219 (1994)
Hsu, F. et. al.: Deep Thought. In T. A. Marsland and J. Schaeffer (eds.) Computer Chess and Cognition pp.55-78. Spinger Verlag (1990)
Buro, M.: Statistical Feature Combination for Evaluation of Game Positions.: JAIR 3, 373– 382 (1995)
Utgoff, P.: Constructive Function Approximation.: Technical Report 97-4, University of Mass. (1997)
Hamilton, S., Miller, W., Ott, A., Saydjari, O.: The Role of Game Theory in Information Warfare.: The Information Survivability Workshop (2001)
Meyers, K., Saydjari, O.: ARDA Cyber Strategy and Tactics Workshop Final Report. (2002).
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2008 IFIP International Federation for Information Processing
About this paper
Cite this paper
Hamilton, S.N., Hamilton, W.L. (2008). Adversary Modeling and Simulation in Cyber Warfare. In: Jajodia, S., Samarati, P., Cimato, S. (eds) Proceedings of The Ifip Tc 11 23rd International Information Security Conference. SEC 2008. IFIP – The International Federation for Information Processing, vol 278. Springer, Boston, MA. https://doi.org/10.1007/978-0-387-09699-5_30
Download citation
DOI: https://doi.org/10.1007/978-0-387-09699-5_30
Publisher Name: Springer, Boston, MA
Print ISBN: 978-0-387-09698-8
Online ISBN: 978-0-387-09699-5
eBook Packages: Computer ScienceComputer Science (R0)