How Shall We Play a Game? A Game-theoretical Model for Cyber-warfare Games

Tiffany Bao, Yan Shoshitaishvili, Ruoyu Wang, Christopher Kruegel, Giovanni Vigna, David Brumley

Research output: Chapter in Book/Report/Conference proceedingConference contribution

9 Scopus citations


Automated techniques and tools for finding, exploiting and patching vulnerabilities are maturing. In order to achieve an end goal such as winning a cyber-battle, these techniques and tools must be wielded strategically. Currently, strategy development in cyber - even with automated tools - is done manually, and is a bottleneck in practice. In this paper, we apply game theory toward the augmentation of the human decision-making process.Our work makes two novel contributions. First, previous work is limited by strong assumptions regarding the number of actors, actions, and choices in cyber-warfare. We develop a novel model of cyber-warfare that is more comprehensive than previous work, removing these limitations in the process. Second, we present an algorithm for calculating the optimal strategy of the players in our model. We show that our model is capable of finding better solutions than previous work within seconds, making computer-time strategic reasoning a reality. We also provide new insights, compared to previous models, on the impact of optimal strategies.

Original languageEnglish (US)
Title of host publicationProceedings - IEEE 30th Computer Security Foundations Symposium, CSF 2017
PublisherIEEE Computer Society
Number of pages15
ISBN (Electronic)9781538632161
StatePublished - Sep 25 2017
Externally publishedYes
Event30th IEEE Computer Security Foundations Symposium, CSF 2017 - Santa Barbara, United States
Duration: Aug 21 2017Aug 25 2017

Publication series

NameProceedings - IEEE Computer Security Foundations Symposium
ISSN (Print)1940-1434


Other30th IEEE Computer Security Foundations Symposium, CSF 2017
Country/TerritoryUnited States
CitySanta Barbara

ASJC Scopus subject areas

  • General Engineering


Dive into the research topics of 'How Shall We Play a Game? A Game-theoretical Model for Cyber-warfare Games'. Together they form a unique fingerprint.

Cite this