Nav: Home

Game theory could improve cyberwarfare strategy

March 01, 2017

ANN ARBOR--Whether a nation should retaliate against a cyber attack is a complicated decision, and a new framework guided by game theory could help policymakers determine the best strategy.

The "Blame Game" was developed in part by Robert Axelrod, a University of Michigan political scientist who is well known for solving a version of the classic game theory scenario known as "the prisoner's dilemma." Axelrod is the Walgreen Professor for the Study of Human Understanding at the U-M Gerald R. Ford School of Public Policy.

The new study, published in Proceedings of the National Academy of Sciences this week, examines when a victim should tolerate a cyber attack, when a victim should respond--and how. The researchers, including others from the University of Michigan and their colleagues at the University of New Mexico and IBM Research, use historical examples to illustrate how the Blame Game applies to cases of cyber or traditional conflict involving the United States, Russia, China, Japan, North Korea, Estonia, Israel, Iran and Syria.

It is released as the U.S. faces increasing cybersecurity threats, including the recent attacks against the Democratic National Committee and the Chinese theft of databases containing the personal information of 21.5 million federal employees.

"Conflict is increasingly common and severe on the internet today, as governments and corporations have recognized its potential as an instrument of power and control," said Stephanie Forrest, a distinguished professor at the University of New Mexico and an external faculty member at the Santa Fe Institute.

"Unlike nuclear technology, it can be extremely challenging to identify the party responsible for a cyber attack, and this complicates the strategic decision of when to assign blame. Our model elucidates these issues and identifies key parameters that must be considered in formulating a response."

In many cases it may be rational for nations to tolerate cyber attacks, even in the face of strong public criticism.

"You might think you should always publicly blame and retaliate in a cyberwarfare situation," Axelrod said. "But that's not true. The reason it's not is that the attacker may not be vulnerable. It may not matter whether they're blamed or not. And if that's true, you might be in a situation where if you assign blame, your own people would expect you to do something, but there's nothing you can do."

Blame Game offers a series of questions that policymakers can ask as they work through how to respond to a cyber attack. Victims should first ask: Do I know if my attacker is vulnerable? Vulnerability comes in several forms. It could mean a nation is susceptible to a counter cyber attack. It could also mean the attacker is in a difficult geopolitical position and being blamed for a high-profile cyber breach could be detrimental.

If the victim knows that the attacker is vulnerable, the framework moves to the next question: Is the cost of doing nothing higher than the cost of blaming? Nations should always assign blame if the attacker is vulnerable.

Victims can next determine whether to counter attack, switching sides in the game theory model. Questions potential attackers should ask are: Am I vulnerable to blame? If I am, does my intended victim know this? If the answer to either question is no, an attack may be the right option.

While the questions are straightforward, the researchers say the answers are not.

In the cyber domain, assigning blame for an attack or intrusion is complicated both by technical factors and by lack of agreement on basic definitions, such as what constitutes an attack or what counts as critical infrastructure, according to the study.

But the stakes are high.

"It's certainly possible that cyber attacks could be used in a much larger way than we've seen yet," Axelrod said. "It pays to try to understand as much as we can about the incentives and dynamics so we can think about how to prevent them. We hope our model will help policymakers identify gaps in their knowledge and focus on estimating parameters in advance of new cyber attacks."
-end-
The study was funded in part by the National Science Foundation, DARPA and the Santa Fe Institute. In addition to Axelrod and Forrest, other contributors are Benjamin Edwards, a recent Ph.D. in computer science from UNM, now a postdoctoral researcher at IBM Research; and Alexander Furnas, a doctoral student in U-M's Department of Political Science.

University of Michigan

Related Game Theory Articles:

Imaging technique could be game changer for pharma
In drug development, the body can be something of a black box.
An algorithm that knows when you'll get bored with your favorite mobile game
Researchers from the Tokyo-based company Silicon Studio, led by Spanish data scientist África Periáñez, have developed a new algorithm that predicts when a user will leave a mobile game.
Game theory could improve cyberwarfare strategy
Whether a nation should retaliate against a cyber attack is a complicated decision, and a new framework guided by game theory could help policymakers determine the best strategy.
Video game ratings work, if you use them
Nearly every video game sold or downloaded comes with a rating that provides age-appropriate guidelines based on the game's content.
Study applies game theory to genomic privacy
A new study from Vanderbilt University presents an unorthodox approach to protect the privacy of genomic data, showing how optimal trade-offs between privacy risk and scientific utility can be struck as genomic data are released for research.
More Game Theory News and Game Theory Current Events

Best Science Podcasts 2019

We have hand picked the best science podcasts for 2019. Sit back and enjoy new science podcasts updated daily from your favorite science news services and scientists.
Now Playing: TED Radio Hour

Teaching For Better Humans
More than test scores or good grades — what do kids need to prepare them for the future? This hour, guest host Manoush Zomorodi and TED speakers explore how to help children grow into better humans, in and out of the classroom. Guests include educators Olympia Della Flora and Liz Kleinrock, psychologist Thomas Curran, and writer Jacqueline Woodson.
Now Playing: Science for the People

#535 Superior
Apologies for the delay getting this week's episode out! A technical glitch slowed us down, but all is once again well. This week, we look at the often troubling intertwining of science and race: its long history, its ability to persist even during periods of disrepute, and the current forms it takes as it resurfaces, leveraging the internet and nationalism to buoy itself. We speak with Angela Saini, independent journalist and author of the new book "Superior: The Return of Race Science", about where race science went and how it's coming back.