Anatomy of threat landscape and security games
Component of Security Games
We dissect security games into the following potential components and elaborate on each one in the context of cybersecurity. We aim to provide a multi-dimension explanation of how these components characterize the strategy interaction between agents.
Action and Policy
Information and Rationality
Dynamic and Timing
Types of security games and solution concepts
We visualize the threat landscape in the following three dimensions.
The x-axis has an increased sophistication in the attackers' Tactics, Techniques, and Procedures (TTPs).
The y-axis has an increased stealthiness or a delay of detection.
The size of the bubble increases as the attack is more likely to exploit human vulnerabilities.