Extending Anticipation Games with Location Penalty and Timeline

Over the last few years, attack graphs have became a well recognized tool to analyze and model complex network attack. The most advanced evolution of attack graphs, called anticipation games, is based on game theory. However even if anticipation games allow to model time, collateral effects and player interactions with the network, there is still key aspects of the network security that cannot be modeled in this framework. Theses aspects are network cooperation to fight unknown attack, the cost of attack based on its duration and the introduction of new attack over the time. In this paper we address these needs, by introducing a three-fold extension to anticipation games. We prove that this extension does not change the complexity of the framework. We illustrate the usefulness of this extension by presenting how it can be used to find a defense strategy against 0 days that use an honey net. Finally, we have implemented this extension into a prototype, to show that it can be used to analyze large networks security.
Revised Selected Papers of the 5th International Workshop on Formal Aspects in Security and Trust 2008


Share this paper on your favorite social network.

Stay in touch

Join the 35K awesome readers community!



Be in the Know

Join thousands of readers who receive my latest blog posts in their inbox.
No spam I promise and you can unsubscribe anytime.
Elie Bursztein © 2017
About Me

Recent entries