Formalizing agents’ beliefs for cyber-security defense strategy planning

Abstract

Critical information infrastructures have been exposed to an increasing number of cyber attacks in recent years. Current protection approaches consider the reaction to a threat from an operational perspective, but leave out human aspects of an attacker. The problem is, no matter how good a defense planning from an operational perspective is, it must be considered that any action taken might influence an attacker’s belief in reaching a goal. For solving this problem this paper introduces a formal model of belief states for defender and intruder agents in a cyber-security setting. We do not only consider an attacker as a deterministic threat, but consider her as a human being and provide a formal method for reasoning about her beliefs given our reactions to her actions, providing more powerful means to assess the merits of countermeasures when planning cyber-security defense strategies.