Work Description

Title: Multi-Stage Attack Graph Security Games: Heuristic Strategies, with Empirical Game-Theoretic Analysis --- Dataset Open Access Deposited
Attribute Value
  • Empirical Game-Theoretic Analysis Online
  • In this work , we study the problem of allocating limited security countermeasures to protect network data from cyber-attacks, for scenarios modeled by Bayesian attack graphs. We consider multi-stage interactions between a network administrator and cybercriminals, formulated as a security game. We propose parameterized heuristic strategies for the attacker and defender and provide detailed analysis of their time complexity. Our heuristics exploit the topological structure of attack graphs and employ sampling methods to overcome the computational complexity in predicting opponent actions. Due to the complexity of the game, we employ a simulation-based approach and perform empirical game analysis over an enumerated set of heuristic strategies. Finally, we conduct experiments in various game settings to evaluate the performance of our heuristics in defending networks, in a manner that is robust to uncertainty about the security environment.
Contact information
Funding agency
  • Department of Defense (DOD)
Other Funding agency
  • Department of Defense (DOD)
ORSP grant number
  • W911NF-13-1-0421
Citations to related material
  • Nguyen, T. H., Wright, M., Wellman, M. P., & Singh, S. (2017). Multi-stage attack graph security games: Heuristic strategies, with empirical game-theoretic analysis. In MTD 2017 - Proceedings of the 2017 Workshop on Moving Target Defense, co-located with CCS 2017 (Vol. 2017-January, pp. 87-97). Association for Computing Machinery, Inc.
Resource type
Last modified
  • 07/02/2018
  • doi:10.7302/Z2F18WX2
CC License


Files (Count: 2; Size: 5.62 MB)


Download will include text file of metadata.

Files are ready   Link to Globus download directory
Globus is for large data sets.   What is Globus?