by
Shanice Gilkes
A Capstone Project Submitted to the Faculty
Utica University
May 2022
Abstract
Cybersecurity threats have increased significantly over time, and cybersecurity professionals have
been attempting various solution models in response to this trend. Many of these models,
including Fault Tree Analysis (FTA) and Q-Learning, have major weaknesses, such as giving
cybersecurity professionals an insufficient range of options for responding to the ever-changing
threat of cyber-attackers. The purpose of the current research was to explore game
theory security models to investigate whether they can provide cybersecurity
professionals with a wide range of options for responding to cybersecurity threats effectively and
efficiently. The researcher sampled a wide range of credible scholarly articles from Utica
University's online library for review on the topic of study. The study findings showed that game
theory models could be an excellent tool for responding to cybersecurity threats. They rely on
proven mathematical models that can model probabilities to predict attack patterns. Game theory
models rely on behavior and situation analysis, allowing cybersecurity professionals to
understand possible patterns of attack upfront and respond accordingly. Cybersecurity
professionals can use either cooperative, non-cooperative, or static models, thus effectively
modeling solutions. Game theory models can quantitatively detect cyber-related risks and
provide cybersecurity professionals with appropriate metrics to implement in response to the
risks. Further, the findings showed that game theory models are a versatile tool, providing
cybersecurity professionals with methods for analyzing the interconnected nature of cyber
cybersecurity professionals.
Acknowledgments
I want to use this opportunity to acknowledge all those who played a role in making this
work a success. First of all, I would like to mention the immense input of Professor Carmen
Mercado, whose guidance was very inevitably helpful in allowing me to tune the study in the
right direction, right from its conceptualization to the final details. I also acknowledge the
input of Professor Zambotti and my second reader, Professor William Hagestad. They further
helped ensure that I was editing the work in the best ways possible to make it professional and
scholarly content for this level of study. I am also very thankful to my mother, brothers, and
sisters, who were all very understanding over the time I was working on the capstone research
paper and provided me with all the support that I needed from them to make the work a success.
Table of Contents
Discussion of the Findings
The General and Specific Problem
Models for Cybersecurity Crime Responses
The Fault Tree Analysis (FTA) Model.
The Q-Learning Model.
Recommendations
Conclusion
References
List of Illustrative Materials
Applicability of Game Theory in Cybersecurity Defense Decision Making
The world has witnessed a substantial transformation in almost every sphere of life
through the increased use of the Internet to perform tasks that traditionally could only
be carried out by people in person. From online education to online transactions
and even medication consultations, more and more people have turned to the Internet to carry out
transactions and activities that would otherwise be required to take place physically.
Unfortunately, such an increase in the traffic going to various internet platforms has faced a
attack is significant in terms of costs that can be incurred with a successful cyberattack and has
previously been very costly to individuals and corporations, including national governments (Ho
et al., 2022). For instance, attacks like the one that caused the Finance
Department and Treasury Board to disconnect from the internet in 2011 and the 2014 incident
involving the hacking of Sony Pictures show that cybercriminals can direct their attacks at
anyone, including private citizens, organizations, and even government agencies (Do et al.,
2017). The increase in the degree of, and the damage resulting from, cyber-attacks links directly to several
factors that motivate the cybercriminals who perpetrate such Internet crimes. According to Cuong et
al. (2017), the core among these favorable factors for cybercriminals is plenty of personal data
that organizations are increasingly storing in the cloud to facilitate smooth online transactions.
The lack of robust cybersecurity models that can effectively and timely allow cybersecurity
professionals to respond to attacks when they have happened. As used in cybersecurity, personal
data is any identifiable information, including but not limited to personal social security number,
personal national identification number, personal bank account details, and personal mobile
Background of the Problem
effective and efficient in responding to cybersecurity attacks. An example of such a model is the
Fault Tree Analysis (FTA). In FTA, system failures are analyzed in a top-down approach: the
undesired state of the system is analyzed through the use of Boolean logic, as illustrated in
Figure 1, to combine a series of lower-level events that could have been responsible for the
Figure 1
Notable shortcomings of the FTA model as a tool for causal analysis in cyber security are
that it lacks standardized tree construction that cybersecurity professionals can apply for
persistent threats (APT) requires more than technical strategies since threats link to faceless
opponents and external forces. The fact that APTs always remain obscured and dynamic
assessment of returns on security investments (Kumar et al., 2022; Rass et al., 2017).
cybersecurity, the goal of the Q-learning principle is to form a Markov process by making
discrete and finite-state movements and selecting an action from a finite set of available actions at any
one time. The Q-learning principle improves the quality of the choice of actions from the finite
set of actions. Consequently, it helps find a strategy with the highest chance of profitability in
line with the goal of game theory. However, while Q-learning considers some elements of game
theory in its reasoning and applicability, it presents the limitation of not being thoroughly
investigated and the problem of a limited or finite set of actions on which cybersecurity professionals
can base the next course of action. Given the ever-changing nature of cybersecurity attacks, the
response models to such attacks need to present an infinite number of possible alternatives so
that cybersecurity professionals literally can have unlimited possibilities from which they can
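The Q-learning mechanism described above, a Markov process over finite states with a finite action set, can be shown as a tabular learner for a defender. This is an added example, not code from the original paper: the three states, three actions, transitions, and cost values are constructed assumptions.

```python
import random

STATES = ["normal", "probed", "breached"]
ACTIONS = ["monitor", "patch", "isolate"]  # the finite action set the text refers to

# Constructed deterministic model: (state, action) -> (next_state, reward).
# Rewards are negative costs (effort, downtime, damage); all values are assumptions.
MODEL = {
    ("normal", "monitor"): ("probed", 0),
    ("normal", "patch"): ("normal", -2),
    ("normal", "isolate"): ("normal", -5),
    ("probed", "monitor"): ("breached", 0),
    ("probed", "patch"): ("normal", -2),
    ("probed", "isolate"): ("normal", -5),
    ("breached", "monitor"): ("breached", -10),
    ("breached", "patch"): ("breached", -12),   # patching after the breach is too late
    ("breached", "isolate"): ("normal", -5),
}

def train(steps=20000, alpha=0.5, gamma=0.9, seed=0):
    """Tabular Q-learning with uniformly random exploration (Q-learning is off-policy)."""
    rng = random.Random(seed)
    q = {(s, a): 0.0 for s in STATES for a in ACTIONS}
    state = "normal"
    for _ in range(steps):
        action = rng.choice(ACTIONS)
        nxt, reward = MODEL[(state, action)]
        best_next = max(q[(nxt, a)] for a in ACTIONS)
        # Move the estimate toward reward plus discounted best future value.
        q[(state, action)] += alpha * (reward + gamma * best_next - q[(state, action)])
        state = nxt
    return q

def policy(q):
    """Greedy choice per state: the action with the highest learned Q-value."""
    return {s: max(ACTIONS, key=lambda a: q[(s, a)]) for s in STATES}

if __name__ == "__main__":
    print(policy(train()))
```

The learned policy can only ever select among the three actions listed in `ACTIONS`, which is the finite-action limitation the paragraph raises.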
To overcome the limitations presented by models like the FTA, it has been necessary for
researchers and cybersecurity professionals to consider testing other models. One of these models is
game theory. According to current research, its applicability in cybersecurity is a widely
studied area owing to the continued increase in various cyber-attack methods. With the help of
Reproduced with permission of copyright owner. Further reproduction prohibited without permission.