Incentive-based modeling and inference of attacker intent, objectives, and strategies

Peng Liu, Wanyu Zang, Meng Yu

Research output: Contribution to journalArticlepeer-review

138 Scopus citations

Abstract

Although the ability to model and infer attacker intent, objectives, and strategies (AIOS) may dramatically advance the literature of risk assessment, harm prediction, and predictive or proactive cyber defense, existing AIOS inference techniques are ad hoc and system or application specific. In this paper, we present a general incentive-based method to model AIOS and a game-theoretic approach to inferring AIOS. On one hand, we found that the concept of incentives can unify a large variety of attacker intents; the concept of utilities can integrate incentives and costs in such a way that attacker objectives can be practically modeled. On the other hand, we developed a game-theoretic AIOS formalization which can capture the inherent interdependency between AIOS and defender objectives and strategies in such a way that AIOS can be automatically inferred. Finally, we use a specific case study to show how attack strategies can be inferred in real-world attack-defense scenarios.

Original languageEnglish (US)
Pages (from-to)78-118
Number of pages41
JournalACM Transactions on Information and System Security
Volume8
Issue number1
DOIs
StatePublished - Feb 2005

All Science Journal Classification (ASJC) codes

  • Computer Science(all)
  • Safety, Risk, Reliability and Quality

Fingerprint Dive into the research topics of 'Incentive-based modeling and inference of attacker intent, objectives, and strategies'. Together they form a unique fingerprint.

Cite this