Game Theoretic Solutions to Cyber Attack and Network Defense Problems

Game Theoretic Solutions to Cyber Attack and Network Defense Problems There are increasing needs for research in the area of cyber situational awareness. The protection and defense against cyber attacks to computer network is becoming inadequate as the hacker knowledge sophisticates and as the network and each computer system become more complex. Current methods for alert correlation to detect and identify network attacks rely on data mining approaches that use features or feature sets of network data to discover an attack. These approaches are useful for simple attacks but for complex or coordinated cyber intrusions, they have various issues such as false positive, limited scalability, limits on detecting new types of coordinated and sophisticated cyber attacks. Therefore, the cyberspace security requires next-generation network management and intrusion detection systems that combine both short-term sensor information and longterm knowledge databases to provide decision-support systems and cyberspace command and control. In this paper, we propose a game theoretic high level information fusion based decision and control framework to detect and predict the multistage stealthy cyber attacks. The main focus of this paper is to address the cyber network security problem from a system control and decision perspective and revise the Markov game model with the knowledge of the cyber attack domain. Outline: