The MURI research team will develop a novel game theory framework to address continuous computer hacking attacks, known as advanced persistent threats. These are essentially a game played between the system and the adversary, in which each is constantly trying to outsmart the other. A unique trait of advanced persistent threats is that they consist of a variety of different attacks over time. Economic game theory, in which most modeling methods are grounded, does not work well for this type of attack. To develop the new framework, the researchers will use a combination of statistical modeling, adaptive game theory, machine learning, and control and systems theory. They plan to model the strategic interactions between the malware attacks and develop a methodology to determine which side is “gaining” or “losing” in the attack, which will enable the system to know when to activate a specific defense.
Analytical Framework for Actionable Defense against Advanced Persistent Threats