From Individual Decisions from Experience to Behavioral Game Theory: Lessons for Cybersecurity

Abstract

This chapter discusses a central challenge arising from the success of modeling human behavior in making decisions from experience: our ability to scale these models up to explain non-cooperative team behavior in a dynamic cyber space. Computational models of human behavior based on the Instance-Based Learning Theory (IBLT) have been highly successful in representing and predicting individual’s behavior of decisions from experience. Recently, these IBL models have been also applied to represent a security analyst’s experience and cognitive characteristics that would result in accurate predictions of threat identification and cyber-attack detection. The IBL models derive predictions on the accuracy and timing of threat detection in a computer network (i.e., cyber situation awareness or cyberSA). This chapter summarizes the current state of models at the individual level, and it describes the challenges and potentials for extending them to address predictions in 2-player (i.e., defender and attacker) non-cooperative dynamic cybersecurity situations. The advancements that would potentially contribute to a more secure cyberspace are discussed