# A Game Theoretic Analysis of Cyber Threats

### Paul Tavolato, Robert Luh, Robert Luh, Sebastian Eresheim, Sebastian Eresheim

#### 2023

#### Abstract

Cyber threat analysis is crucial to securing modern IT systems. In the ongoing project described here a strictly mathematical method for threat analysis is sketched. The threat landscape between an attacker (hacker) and a defender (system owner) is modeled along the formalisms of stochastic game theory, thus opening the way for a rigorous formal analysis. The key benefit of the project is its applicability to real-world situations. Therefore, the information about possible attack and defense actions is taken from several proven data sources resulting in a large number of actions (173 attack actions and 115 defense actions). We present an adaptation of the so-called Princess-and-Monster game to model the problem. Various problems with the formalization are discussed. To keep the model manageable despite the claim of practicality, it is applied only to specific scenarios mimicking real-world situations.

Download#### Paper Citation

#### in Harvard Style

Tavolato P., Luh R. and Eresheim S. (2023). **A Game Theoretic Analysis of Cyber Threats**. In *Proceedings of the 9th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP,* ISBN 978-989-758-624-8, pages 706-713. DOI: 10.5220/0011792700003405

#### in Bibtex Style

@conference{icissp23,

author={Paul Tavolato and Robert Luh and Sebastian Eresheim},

title={A Game Theoretic Analysis of Cyber Threats},

booktitle={Proceedings of the 9th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP,},

year={2023},

pages={706-713},

publisher={SciTePress},

organization={INSTICC},

doi={10.5220/0011792700003405},

isbn={978-989-758-624-8},

}

#### in EndNote Style

TY - CONF

JO - Proceedings of the 9th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP,

TI - A Game Theoretic Analysis of Cyber Threats

SN - 978-989-758-624-8

AU - Tavolato P.

AU - Luh R.

AU - Eresheim S.

PY - 2023

SP - 706

EP - 713

DO - 10.5220/0011792700003405