This article delves into the application of game theory in studying cyber attacker and defender behaviors. It critiques the inherent limitations due to game theory’s roots in economics where players may be selfish but not malicious. The authors systematically review major cybersecurity problems studied with a game-theoretic approach, assumptions made, models proposed, and solution concepts. They identify technical gaps that need addressing to make game-theoretic cybersecurity models truly useful and suggest bridges to address these gaps.

 

Publication date: 26 Jan 2024
Project Page: Not provided
Paper: https://arxiv.org/pdf/2401.13815