Replication and diversity for survivability in cyberspace: A game theoretic approach

Charles Kamhoua, Kevin Kwiat, Mainak Chatterjee, Joon Park, Patrick Hurley

Research output: Chapter in Book/Report/Conference proceedingConference contribution

5 Scopus citations

Abstract

An effective defense-in-depth avoids a large percentage of threats and defeats those threats that turn into attacks. When an attack evades detection, it may disrupt the systems and networks, and then the need for survivability is more critical. In this context, mission assurance seeks to ensure that critical mission essential functions (MEFs) survive and fight through the attacks against the underlying cyber infrastructure. Survivability represents the quantified ability of a system, subsystem, equipment, process, or procedure to function continually during and after a disturbance. US Air Force systems carry varying survivability requirements depending on MEF's criticality and protection conditions. Almost invariably, however, replication of a subsystem, equipment, process, or procedure is necessary to meet a system's survivability requirements. Therefore, the degree of replication within a system can be paramount for MEF's survival. Moreover, diversity will prevent the same fault or attack from damaging all the replicas so that they can continue the mission. This research shows that the more dangerous vulnerabilities (that affect more replicas) in a system are sometimes less likely to be exploited. The attacker may be better off when exploiting small vulnerabilities because they will be less protected by the defender. In fact, diversity always gives extra challenges to attackers. This work uses the mathematical framework of game theory to show the significance of replica diversity for mission survival in cyberspace.

Original languageEnglish (US)
Title of host publication8th International Conference on Information Warfare and Security 2013
Pages116-124
Number of pages9
StatePublished - Dec 1 2013
Event8th International Conference on Information Warfare and Security, ICIW 2013 - Denver, CO, United States
Duration: Mar 25 2013Mar 26 2013

Publication series

Name8th International Conference on Information Warfare and Security, ICIW 2013

Other

Other8th International Conference on Information Warfare and Security, ICIW 2013
CountryUnited States
CityDenver, CO
Period3/25/133/26/13

    Fingerprint

Keywords

  • Cybersecurity
  • Diversity
  • Game theory
  • Replication
  • Survivability

ASJC Scopus subject areas

  • Information Systems
  • Safety, Risk, Reliability and Quality

Cite this

Kamhoua, C., Kwiat, K., Chatterjee, M., Park, J., & Hurley, P. (2013). Replication and diversity for survivability in cyberspace: A game theoretic approach. In 8th International Conference on Information Warfare and Security 2013 (pp. 116-124). (8th International Conference on Information Warfare and Security, ICIW 2013).