Posts tagged Game Theory
Wednesday, November 2, 2011
Security Games
By Dr. Robert Ghanea-Hercock, Chief Researcher, BT Security Research Practice
Traditionally, many companies viewed the corporate organization as a rigidly defined structure with clear boundaries. Network security then was a simple matter of raising a sufficiently stout wall around that perimeter to keep the miscreants out. Today’s issue is how to dynamically manage data, trust and identity in a fluid boundary-less environment, i.e. reality.
Security gurus now have a mantra-like chant: “people and process,” which is a better focus than purely technical solutions. However, the IT security problem can be defined in very simple terms: people do bad things.
While one threat to the enterprise is from insiders (although these account for a small percentage of actual attacks), most corporations can generally afford comprehensive security solutions to lock down networks and hardware. The story for domestic users, small companies and government bodies is much worse, because they don’t always have dedicated system administrators. As a result, they remain vulnerable to the full spectrum of cyber attacks, especially spam, malware and botnets. As in the physical security domain, rich people can afford good security, while poor people live in impoverished areas and tend to get mugged.
Cyber security has proven thus far to be an elusive goal that now requires a radical shift in the mindset of IT practitioners. The first issue stems from the idealized concept that a system can be made invulnerable to attack. This is an unattainable goal when dealing with any complex IT system (and by “complex,” I mean any network containing more than two computers, to which human users have access).
Games of Chance
The best model by which we can understand the issues surrounding cyber security is a Game Theory approach. Originally developed as a strategy tool in the nuclear Cold War, Game Theory studies the choice of optimal behavior when the costs and benefits depend upon the choices of other individuals. What we now have in the cyber domain is also a game involving benign and malicious players. In addition, a legitimate user may choose to switch roles to become a defecting agent at any instant. We are also in a state of co-evolution, in which each new defense strategy leads to co-adaptation by a corresponding set of attacks. In addition, the attack space is infinitely larger than the possible defense space.
This is bad news if you still believe perfect cyber security is an achievable state. The best we can ever achieve is a dynamically stable and robust defense, ideally using a combination of signature-based and behavior-based responses. It may also be productive to consider the idea of Evolutionarily Stable Strategies (ESS), as proposed by Maynard Smith, as a model of how the long-term dynamic behavior of offensive and defensive strategies will evolve in cyber security. Using that approach, if we introduce a new security mechanism, the question to ask is: Will it lead to a dynamically stable defensive effect over time? This is a difficult question to resolve for any complex adaptive system, such as a biological ecosystem, and particularly for something like cyber security, which is so dependent on human socio-economic processes.
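As an added illustration (not from the original post), the stability question above can be posed on a toy two-role game between a defender and an attacker. The payoff numbers, the "hardening" change and the function names are constructed assumptions; the check relies on Selten's 1980 result that in a game with distinct roles the evolutionarily stable strategies are exactly the strict Nash equilibria.

```python
# Constructed payoffs (assumptions, not from the post).
# Rows: defender plays 0 = baseline, 1 = monitor.
# Columns: attacker plays 0 = abstain, 1 = attack.
DEF_PAYOFF = [[0, -10], [-1, -2]]
ATT_BEFORE = [[0, 5], [0, -5]]   # attacking an unmonitored target pays
ATT_AFTER = [[0, -1], [0, -5]]   # hypothetical hardening: attack costs more than it yields


def stable_profiles(def_pay, att_pay):
    """Return pure (defender, attacker) profiles that are strict Nash equilibria.

    In a game with distinct roles these are the evolutionarily stable
    strategies: any unilateral deviation strictly loses.
    """
    found = []
    for d in range(len(def_pay)):
        for a in range(len(def_pay[0])):
            def_ok = all(def_pay[d][a] > def_pay[d2][a]
                         for d2 in range(len(def_pay)) if d2 != d)
            att_ok = all(att_pay[d][a] > att_pay[d][a2]
                         for a2 in range(len(att_pay[0])) if a2 != a)
            if def_ok and att_ok:
                found.append((d, a))
    return found


def coadaptation_path(def_pay, att_pay, start, rounds):
    """Follow alternating best responses: attacker adapts, then defender."""
    d, a = start
    path = [(d, a)]
    for _ in range(rounds):
        a = max(range(len(att_pay[d])), key=lambda x: att_pay[d][x])
        path.append((d, a))
        d = max(range(len(def_pay)), key=lambda x: def_pay[x][a])
        path.append((d, a))
    return path


if __name__ == "__main__":
    print("stable before:", stable_profiles(DEF_PAYOFF, ATT_BEFORE))
    print("stable after: ", stable_profiles(DEF_PAYOFF, ATT_AFTER))
    print("path before:  ", coadaptation_path(DEF_PAYOFF, ATT_BEFORE, (0, 0), 2))
```

With the first attacker payoffs no profile is stable and the two sides chase each other around a four-step cycle; with the second, the baseline/abstain profile is stable and the path stays put.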
(A more detailed discussion of these topics can be found in the author’s recent book: “Cohesion – The Making of Society”, available on Amazon, http://www.amazon.co.uk/Cohesion-Making-Society-Robert-Hercock/dp/1445209144/ref=sr_1_1?ie=UTF8&qid=1318321560&sr=8-1)
In life we play many games, whether childish ones for amusement, ones for trade and profit, or even romantic ones.