A Non-Zero-Sum Game Model for Optimal Cyber Defense Strategies
Dongyoung Park, Gaby G. Dagher
TL;DR
The paper addresses optimal cyber defense under adversarial exploits using a static non-zero-sum game on an attack graph. It defines defender and attacker reward functions that incorporate exploit probabilities, costs, node values, and honeypot costs, and computes Nash equilibria via linear programming and polytope methods. A case study with networks of 2-4 nodes demonstrates that defenders should concentrate resources on high-value nodes and that increasing network size dilutes attacker impact, with heuristic approaches offering scalability gains. The results provide a practical, scalable framework for defense resource allocation and cyber deception in real networks.
Abstract
In the contemporary digital landscape, cybersecurity has become a critical issue due to the increasing frequency and sophistication of cyber attacks. This study utilizes a non-zero-sum game theoretical framework to model the strategic interactions between cyber attackers and defenders, with the objective of identifying optimal strategies for both. By defining precise payoff functions that incorporate the probabilities and costs associated with various exploits, as well as the values of network nodes and the costs of deploying honeypots, we derive Nash equilibria that inform strategic decisions. The proposed model is validated through extensive simulations, demonstrating its effectiveness in enhancing network security. Our results indicate that high-probability, low-cost exploits like Phishing and Social Engineering are more likely to be used by attackers, necessitating prioritized defense mechanisms. Our findings also show that increasing the number of network nodes dilutes the attacker's efforts, thereby improving the defender's payoff. This study provides valuable insights into optimizing resource allocation for cybersecurity and highlights the scalability and practical applicability of the game-theoretic approach.
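An added worked example, not code from the paper: a two-node version of the attacker/defender honeypot game described above, solved exactly with indifference conditions instead of the paper's linear programming and polytope methods. The payoff formulas, the node parameters and all function names are assumptions made for illustration; the paper's own reward functions do not appear on this page.

```python
from fractions import Fraction as F

def payoffs(nodes):
    """Attacker (A) and defender (D) payoffs, indexed [attacked node][honeypot node].

    Assumed model, not the paper's reward functions: hitting the honeypot wastes
    the exploit cost c; hitting the other node yields p*v - c and costs the
    defender p*v. The defender always pays the cost h of the node it decoys.
    """
    A = [[None, None], [None, None]]
    D = [[None, None], [None, None]]
    for i, tgt in enumerate(nodes):
        for j, hp in enumerate(nodes):
            gain = F(0) if i == j else F(tgt["p"]) * tgt["v"]
            A[i][j] = gain - tgt["c"]
            D[i][j] = -gain - hp["h"]
    return A, D

def nash_2x2(A, D):
    """Pure and interior mixed equilibria as (r, q):
    r = P(attacker targets node 0), q = P(honeypot on node 0)."""
    eqs = []
    for i in range(2):
        for j in range(2):
            # Pure equilibrium: neither player gains by deviating alone.
            if A[i][j] >= A[1 - i][j] and D[i][j] >= D[i][1 - j]:
                eqs.append((F(1 - i), F(1 - j)))
    # Mixed equilibrium: each player mixes so the opponent is indifferent.
    dq = A[0][0] - A[0][1] - A[1][0] + A[1][1]
    dr = D[0][0] - D[0][1] - D[1][0] + D[1][1]
    if dq != 0 and dr != 0:
        q = (A[1][1] - A[0][1]) / dq
        r = (D[1][1] - D[1][0]) / dr
        if 0 < q < 1 and 0 < r < 1:
            eqs.append((r, q))
    return eqs

def expected(M, r, q):
    """Expected payoff of matrix M under mixing probabilities r and q."""
    pr, pq = (r, 1 - r), (q, 1 - q)
    return sum(pr[i] * pq[j] * M[i][j] for i in range(2) for j in range(2))

# Constructed sample: node 0 is the high-value asset, node 1 a low-value host.
NODES = [{"p": F(3, 5), "c": 1, "v": 10, "h": 2},
         {"p": F(1, 2), "c": 1, "v": 4, "h": 1}]

if __name__ == "__main__":
    A, D = payoffs(NODES)
    for r, q in nash_2x2(A, D):
        print(f"P(attack node 0)={r}  P(honeypot on node 0)={q}  "
              f"attacker={expected(A, r, q)}  defender={expected(D, r, q)}")
```

With these constructed values the defender places the honeypot on the high-value node with probability 3/4, and the two expected payoffs do not sum to zero, which is what makes the game non-zero-sum.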
