The Critical Node Game
Cloud networks are the backbone of the modern distributed internet infrastructure as they provision most of the on-demand resources organizations and individuals use daily. However, any abrupt cyber-attack could disrupt the provisioning of some of the cloud resources fulfilling the needs of customers, industries, and governments. In this work, we introduce a game-theoretic model that assesses the cyber-security risk of cloud networks and informs security experts on the optimal security strategies. Our approach combines game theory, combinatorial optimization, and cyber-security and aims at minimizing the unexpected network disruptions caused by malicious cyber-attacks under uncertainty. Methodologically, our approach consists of a simultaneous and non-cooperative attacker-defender game where each player solves a combinatorial optimization problem parametrized in the variables of the other player. Practically, our approach enables security experts to (i.) assess the security posture of the cloud network, and (ii.) dynamically adapt the level of cyber-protection deployed on the network. We provide a detailed analysis of a real-world cloud network and demonstrate the efficacy of our approach through extensive computational tests.
READ FULL TEXT