By Topic

A Game Theoretic Approach for Quantitative Evaluation of Security by Considering Hackers with Diverse Behaviors

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$33 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

2 Author(s)
Moayedi, B.Z. ; Performance & Dependability Eng. Lab., Iran Univ. of Sci. & Technol., Tehran, Iran ; Azgomi, M.A.

The most serious problem in the area of quantitative security evaluation is modeling of hacker's behavior. Because of the intelligent and complicated mental aspects of hackers, there are many challenges to model their behavior. Recently, there have been some efforts to use game theory for predicting hacker's behavior. However, it is necessary to revise the proposed approaches if there is a society of hackers with significant diversity in their behaviors. In this paper, we have examined our newly introduced approach to extend the basic ideas of using game theory to predict transition rates in stochastic models. The proposed method categorizes the society of hackers based on two main criteria used widely in hacker classification: motivations and skills. Markov chains are used to model the system. Based on the preferences of each class of hackers and the distribution of skills in each class, the transition rates between the states are computed. The resulting Markov chains can be solved to obtain the corresponding security measures of the system. We have explored some of the applications of the method and have shown that the method facilitates the study of relationships between important factors of hackers/defenders societies and different security measures of the system.

Published in:

Dependable, Autonomic and Secure Computing, 2009. DASC '09. Eighth IEEE International Conference on

Date of Conference:

12-14 Dec. 2009