Invitation to Cybersecurity

6. The Skill of Cybersecurity: Adversarial Thinking

the level-1 strategy. 54% of seekers and 45% of hiders choose the third box. Interestingly, this game also illustrates asymmetry between hiders and seekers—hiders select the rightmost box twice as often as seekers (22% to 11%). This box is the level-2 choice in the game.

Figure 6.6 The hide-and-seek game.

Asymmetry like this naturally exists in security games. A security game is a game theoretical game involving an attacker and a defender. In security games defenders tend to start at level-0 whereas attackers tend to start at level-1. In other words, the attacker’s most obvious strategy is actually a level-1 strategy. They start at a more strategic level because they instinctively think about the other player’s perspective. Meanwhile, defenders naturally focus on what they are trying to protect instead of the adversary’s perspective, and they often make the predictable choice (i.e., the level-0 strategy). Predictable choices are not good for cybersecurity because intelligent adversaries can anticipate them.

The Colonel Blotto Game

At dusk and on opposite sides of a valley, Colonels Alto and Blotto survey the terrain. They know at dawn battles will commence over three distinct strategic positions. They each have nine companies of soldiers, and in the cover of darkness, they must allocate their soldiers to battlefields so that fighting can ensue over each position at first light. Since their forces are equally matched, the battlefields will go to the side that allocates more soldiers. The colonels have no way of knowing what the other side is planning. How many companies of soldiers should Colonel Blotto allocate to each of the three battlefields?

In 1921 French mathematician Émile Borel outlined a strategic contest that later became known as the Colonel Blotto game.
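
The nine-company, three-battlefield scenario above can be enumerated exhaustively. The following Python sketch is an added example, not code from the book; it assumes that a tied battlefield goes to neither side and that the colonel who takes more battlefields wins overall, and all function names are illustrative. It shows that every allocation, including the predictable even split, is beaten by some other allocation.

```python
from itertools import product

COMPANIES = 9      # companies per colonel, from the scenario
BATTLEFIELDS = 3   # strategic positions, from the scenario

def allocations(total=COMPANIES, fields=BATTLEFIELDS):
    """Every way to split `total` companies across `fields` battlefields."""
    return [a for a in product(range(total + 1), repeat=fields)
            if sum(a) == total]

def fields_won(a, b):
    """Battlefields taken by a and by b; a tie goes to neither (assumption)."""
    won_a = sum(x > y for x, y in zip(a, b))
    won_b = sum(y > x for x, y in zip(a, b))
    return won_a, won_b

def outcome(a, b):
    """+1 if a takes more battlefields than b, -1 if fewer, 0 if level.
    Deciding the overall winner by battlefield count is an assumption."""
    won_a, won_b = fields_won(a, b)
    return (won_a > won_b) - (won_a < won_b)

def best_responses(b):
    """All allocations that beat a known (predictable) allocation b."""
    return [a for a in allocations() if outcome(a, b) == 1]

def unbeatable():
    """Allocations that no other allocation beats."""
    return [a for a in allocations() if not best_responses(a)]

if __name__ == "__main__":
    even_split = (3, 3, 3)   # the obvious, level-0 choice
    print("possible allocations:", len(allocations()))
    print("beat the even split:", best_responses(even_split))
    # Massing all nine companies wins one field by a huge margin and
    # loses the other two, so the even split beats it.
    print("(9,0,0) vs even split:", outcome((9, 0, 0), even_split))
    print("unbeatable allocations:", unbeatable())
```

The empty result from `unbeatable()` is the point: an opponent who can anticipate any fixed allocation can always find one that beats it.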
In the Colonel Blotto game, players allocate soldiers to battlefields, and the player who allocates the most soldiers to a battlefield wins that battlefield. Whether the player allocates one more or one hundred more soldiers, the result is the same. Therefore, it pays to win battlefields by small margins because this frees up more resources to allocate to other battlefields.

The Colonel Blotto game is a fundamental model of scarce resource allocation. Economists have applied it to the analysis of electoral competitions in which the candidates (the colonels) compete over battleground states (battlefields) and must decide how much campaign money (soldiers) to spend on each state. The quantity of each state’s electoral votes determines its utility. The candidates’ budgets are limited and they do not know ahead of time how much campaign money their opponent has allocated to each state, but
