Modelling Telecommunications Operators and Adversaries using Game Theory

Thumbnail Image

Files

master_Panda_Sakshyam_2018.pdf (1.3 MB)

URL

Journal Title

Journal ISSN

Volume Title

Perustieteiden korkeakoulu | Master's thesis
Unless otherwise stated, all rights belong to the author. You may download, display and print this publication for Your own personal use. Commercial use is prohibited.

Authors

Date

2018-05-14

Department

Major/Subject

Human-Computer Interaction and Design

Mcode

HCID

Degree programme

Master's Programme in ICT Innovation

Language

en

Pages

54+10

Series

Abstract

Telecommunications systems being inherently distributed and collaborative in nature present a plurality of attack surfaces to malicious entities and hence vulnerable to many potential attacks even indirectly demanding a need in prioritising security. The choice of security implementations depends upon the currently understood threats, future possible threat vectors, and the dependencies between systems. Executing these choices while contemplating the financial aspects is exceptionally difficult. It is thus critical to have a perceptible decision support framework for better security decision-making. This thesis studies the strategic nature of the interaction between the Telecoms operators and attackers utilising game theory to understand their strategic decision-making characteristics strengthening security decisions. To understand the security investment decision-making criteria of operators, this thesis utilises static security investment games. Through these games, we study the effects of security investment decision of an operator on other operators' behaviour. We determine conditions supporting the security investment decisions and propose strategic recommendations supplementing the dependency conditions. We then study attackers' behaviour considering them with strategic incentives in contrary to their strictly-bounded rationality in traditional game-theoretic modelling approaches. We utilise a behavioural approach and design a decision-flow model capturing the choices of attackers in the attack process. An outcome of this work is a generalised attack framework. Moreover, using this framework, we derive attack strategies optimising attackers' effort. Through this work, we are probing the foundations for drawing inferences about attackers' strategic characteristics from a cybersecurity perspective.

Description

Supervisor

Nieminen, Marko

Thesis advisor

Oliver, Ian

Keywords

cybersecurity, game theory, telecommunications, economics, attackers, decision-making behaviour

Other note

Citation

Permanent link to this item

https://urn.fi/URN:NBN:fi:aalto-201806012978

Collections

[dipl] Perustieteiden korkeakoulu / SCI