Final published version
Research output: Contribution in Book/Report/Proceedings - With ISBN/ISSN › Other chapter contribution
Research output: Contribution in Book/Report/Proceedings - With ISBN/ISSN › Other chapter contribution
}
TY - CHAP
T1 - Random Damage in Interconnected Networks
AU - König, Sandra
AU - Gouglidis, Antonios
PY - 2018/5/31
Y1 - 2018/5/31
N2 - When looking at security incidents in Industrial Control System (ICS) networks, it appears that the interplay between an attacker and a defender can be modeled using a game-theoretic approach. Preparing a game require several steps, including the definition of attack and defense strategies, estimation of payoffs, etc. Specifically, during the preparation of a game, the estimation of payoffs (i.e. damage) for each possible scenario is one of its core tasks. However, damage estimation is not always a trivial task since it cannot be easily predicted, primarily due to incomplete information about the attack or due to external influences (e.g. weather conditions, etc.). Therefore, it is evident that describing the payoffs by means of a probability distribution may be an appropriate approach to deal with this uncertainty. In this chapter, we show that if the network structure of an organization is known, it is possible to estimate the payoff distribution by means of a stochastic spreading model. To this extend, the underlying network is modeled as a graph whose edges are classified depending on their properties. Each of these classes has a different probability of failure (e.g. probability of transmitting a malware). Finally, we demonstrate how these probabilities can be estimated, even if only subjective information is available.
AB - When looking at security incidents in Industrial Control System (ICS) networks, it appears that the interplay between an attacker and a defender can be modeled using a game-theoretic approach. Preparing a game require several steps, including the definition of attack and defense strategies, estimation of payoffs, etc. Specifically, during the preparation of a game, the estimation of payoffs (i.e. damage) for each possible scenario is one of its core tasks. However, damage estimation is not always a trivial task since it cannot be easily predicted, primarily due to incomplete information about the attack or due to external influences (e.g. weather conditions, etc.). Therefore, it is evident that describing the payoffs by means of a probability distribution may be an appropriate approach to deal with this uncertainty. In this chapter, we show that if the network structure of an organization is known, it is possible to estimate the payoff distribution by means of a stochastic spreading model. To this extend, the underlying network is modeled as a graph whose edges are classified depending on their properties. Each of these classes has a different probability of failure (e.g. probability of transmitting a malware). Finally, we demonstrate how these probabilities can be estimated, even if only subjective information is available.
M3 - Other chapter contribution
SN - 9783319752679
T3 - Static & Dynamic Game Theory: Foundations and Applications
BT - Game Theory for Security and Risk Management
A2 - Rass, Stefan
A2 - Schauer, Stefan
PB - Springer Birkhäuser
CY - Basel
ER -