Games and Abstraction: The Science of Cyber Security

Lead Research Organisation: Queen Mary University of London
Department Name: Sch of Electronic Eng & Computer Science

Abstract

Abstracts are not currently available in GtR for all funded research. This is normally because the abstract was not required at the time of proposal submission, but may be because it included sensitive information such as personal details.
 
Description: We have introduced new mathematical techniques for decision support for investments in cybersecurity. We have developed extensive numerical modelling of cybersecurity data, which is used by our methodology. We have developed refined computational optimizations so that onerous calculations like Pareto fronts can be performed efficiently.
Exploitation Route: We have developed an online tool which implements the methodology developed in our research. This may be helpful to people in charge of cybersecurity for small companies, both in helping them determine an effective investment strategy and as a cybersecurity self-assessment tool.
Sectors: Digital/Communication/Information Technologies (including Software)

 
Description: We have developed new game-theoretic models of cyber attacks and defence for Enterprise IT systems. We use these models to provide security engineers and systems administrators with advice on how to optimally deploy their limited resources in defending their systems against commodity-style attacks.

We have developed an approach to compare several methods of allocating a cyber security budget. We considered a game-theoretic representation of the entire problem, a purely optimisation-based approach that does not consider the adversary's strategy, and a hybrid method combining the two. We have been able to identify the trade-offs that exist between the optimality of the solutions, the computational complexity of generating the solutions, and how easily the solutions can be interpreted by practitioners.

Additionally, we have developed a more accurate mapping from the available resources to our model. This allows us to better represent the controls and vulnerabilities in our calculations. This improved mapping gives us greater confidence not only in the model, but also in the reliability of the results to reflect the real-world environment.

The case study considers an SME-like entity and currently considers 37 different attacks and 27 different controls. The case study has been developed based on a new platform capable of numerically evaluating a wide range of kinds of cyber attacks. The system is designed to assume no technical knowledge of cyber security on the part of the user; instead, users supply information about their organisation consisting of their requirements and preferences. This allows us to create a profile of the organisation, which is used to better inform the internal algorithms. The system takes a UI approach based on a simple combination of menus and sliders that provide the input from users, and the advice is given both in a simple text form and in a graphical medium.

The internal algorithms use lightweight optimisation algorithms to solve the game theory-based representation within the tool. For further information please see the impact description provided for EP/K005790/1.
First Year Of Impact: 2019
Sector: Digital/Communication/Information Technologies (including Software)
Impact Types: Societal, Economic