Communications of the ACM
Cyberwar Surprise Attacks Get a Mathematical Treatment
A new mathematical model could help predict the timing of cyberattacks.
Credit: Wikimedia Commons
University of Michigan professors Robert Axelrod and Rumen Iliev have written a mathematical model that could help predict the timing of cyberattacks.
The model reworks Axelrod's 1979 work on the prisoner's dilemma game theory problem, which centered on the idea that the element of surprise is a strategic resource and modeling its costs and benefits can lead to counterintuitive actions.
Like physical attacks, cyberattacks can be optimally timed based on changes in risks, costs, and benefits over time; the target’s vulnerabilities, and the element of surprise. Axelrod and Iliev applied the model to several recent cyberattacks, such as the Stuxnet, an advanced computer worm allegedly created by the U.S. and Israeli governments to sabotage Iran's nuclear centrifuges. Stuxnet and other recent cyberattacks have been almost optimally timed, likely as the result of hacker intuition, but the model could help plan future attacks, the researchers say.
In addition, the model could be used defensively to predict when future cyberattacks might occur.
The researchers note the market for information on computer system vulnerabilities known as "zero-day exploits" is growing, which will accelerate the timing of cyberattacks and prompt hackers to act sooner.
"The work provides a solid logical foundation for fresh thinking in the cybersecurity field," says Naval Postgraduate School defense analyst John Arquilla.
From Science
View Full Article
Abstracts Copyright © 2014 Information Inc., Bethesda, Maryland, USA
No entries found