A Game Theoretical Attack-Defense Model Oriented to Network Security Risk Assessment

How to quantify the threat probability in network security risk assessment is an important problem to be solved. Most of the existing methods tend to consider the attacker and defender separately. However, the decision to perform the attack is a trade-off between the gain from a successful attack and the possible consequences of detection; meanwhile, the defender’ssecurity strategy depends mostly on the knowledge of the intentions of the attacker. Therefore, ignoring the connections between the attacker and defender’s decisions does not correspond to reality. Game theory is the study of the ways in which strategic interactions among rational players produceoutcomes with respect to the utilities of those players. In this paper, a novel Game Theoretical Attack-Defense Model (GTADM) which quantifies the probability of threats is proposed in order to construct a risk assessment framework. According to the cost-benefit analysis, we define the method of formulating the payoff matrix; the equilibrium of the model is also analyzed. In the end, a simple scenario is presented to illustrate the usage of GTADM in the risk assessment framework to show its efficiency.