Steganography and Probabilistic Risk Analysis: A Game Theoretical Framework for Quantifying Adversary Advantage and Impact

TL;DR

This paper develops a game-theoretic framework for steganography in adversarial settings, framing defender $\mathcal{U}$ and attacker $\mathcal{A}$ as non‑cooperative players and deriving a Mixed Nash Equilibrium with probabilities $p^*$ and $q^*$. It couples payoff‑based decision making with a probabilistic risk analysis that embeds the adversary’s advantage into Monte Carlo simulations, providing a quantitative assessment of risk under positive, negative, and zero advantage regimes. The key contributions include explicit equilibrium formulas, a sensitivity analysis linking payoff parameters to strategic choices, and a scalable risk framework that highlights how protecting information via steganography interacts with breach costs and harmony benefits. The work offers practical guidance for security investment under uncertainty and illustrates how adversarial advantage shapes risk, enabling more informed resource allocation in complex security environments.

Abstract

In high-risk environments where unlawful surveillance is prevalent, securing confidential communications is critical. This study introduces a novel steganographic game-theoretic model to analyze the strategic interactions between a defending company and an adversary. By framing the scenario as a non-cooperative game, there is systematic evaluation of optimal strategies for both parties, incorporating costs and benefits such as implementation expenses, potential data leaks, and operational advantages. The derived equilibrium probabilities enable the assessment of success rates, illustrating conditions under which the company benefits from hiding messages or faces increased risks when not implementing steganography. Sensitivity analysis explores how changes in key parameters impact these strategies, enhancing the understanding of decision-making in secure communications. Furthermore, the introduction of an adversary model that quantifies the adversary's advantage using conditional probabilities derived from success rates allows for a quantitative measure of the adversary's effectiveness based on the defender's strategies. By integrating the adversary's advantage into a novel risk analysis framework and employing Monte Carlo simulations, dynamic interactions are captured across advantage scenarios, considering factors like impact factor, steganography effectiveness, and equilibrium probabilities. This comprehensive framework offers practical insights into optimizing security strategies by quantifying potential risk reductions when the adversary is disadvantaged, providing a clear methodology for assessing and mitigating adversarial threats in complex security environments.

Figures (7)

• Figure 1: Analysis flow of the Steganographic Security game $\mathcal{G}(C,B)$: this illustration depicts the game's pure Nash Equilibrium analysis presented in subsection \ref{['PureNashAnalysis']}. The coloured arrows indicate the preferable change from one payoff to another, while the different coloured rectangles represent all states in the game analysis.
• Figure 2: This figure shows the relationship between $\mathcal{U}$'s expected payoff and the probability of using steganography. The blue line depicts the expected payoff for hiding, while the red line shows the payoff for not hiding. The intersection at $q^{*} = 0.20$ marks the equilibrium, where expected payoffs are equal, resulting in an equilibrium payoff of £100,000. This point indicates that $\mathcal{U}$ achieves an optimal balance by hiding with a 20% probability.
• Figure 3: The figure shows $\mathcal{A}$'s expected payoff based on the probability of attacking or searching for hidden information. The blue line indicates payoff when attacking, while the red dashed line represents the payoff when not attacking. At $p^* = 0.88$, both actions yield equal payoffs of £0. This high attack probability highlights $\mathcal{A}$’s motivation for surveillance, driven by the high reward of successful data exfiltration compared to surveillance costs, though it also shows diminishing returns as attack probability rises.
• Figure 4: This figure provides a representation of the Nash equilibrium distribution, highlighting areas of high and low equilibrium densities through variations in colour intensity. Regions close to the red colours suggest a higher concentration of data points near the optimal strategies, demonstrating areas of dense equilibrium. Conversely, areas rendered in blue hues signify a sparser distribution of data points, indicating regions further removed from the equilibrium strategies ($p^* = 0.88$ and $q^* = 0.2$).
• Figure 5: Sensitivity analysis of equilibrium probabilities for both the adversary ($p^*$) and the company ($q^*$) across various parameters. Subplots (a) and (b) display the sensitivity of $p^*$ with respect to the cost of surveillance $C^{A}_{look}$ and the benefit of a successful breach $B^{A}_{leak}$, respectively. As $C^{A}_{look}$ rises, $p^*$ decreases, whereas higher $B^{A}_{leak}$ results in an increased likelihood of attack. Subplots (c) and (d) show the sensitivity of $q^*$ concerning the benefit of harmony $B^{U}_{harmony}$ and the benefit of hiding information $B^{U}_{hide}$. An increase in $B^{U}_{harmony}$ reduces the need for hiding, while higher $B^{U}_{hide}$ leads to a greater probability of using steganography. Subplots (e) and (f) illustrate the sensitivity of $q^*$ with respect to the cost of hiding $C^{U}_{hide}$ and the potential cost of a security breach $C^{U}_{leak}$. Here, higher $C^{U}_{hide}$ reduces $q^*$, while increased $C^{U}_{leak}$ incentivizes greater use of steganography by the company.

Theorems & Definitions (15)

• Definition 3.1
• Definition 3.2
• Definition 3.3
• Lemma 1
• Definition 4.1
• Theorem 1
• Proposition 1
• Proof 1
• Proposition 2
• Proof 2