Can Game Theory Help Mitigate Cyber Threats?
I read a great article by Forensic Magazine that discusses the benefits of utilizing game theory to predict and quantify power grid cyber threats. According to the article, traditional cyber threats are tagged as either low, medium or high in terms of threat level, but this overly-simplistic ranking methodology isn’t good enough in this day and age.
Ins and Outs of Game Theory
First, let’s start with a definition of game theory. Basically, game theory is a mathematical technique designed to optimize decision-making in a competitive situation where one participant’s course of action depends on the actions of the other participant(s).
In order to apply this concept to the prediction and quantification of cyber threats, something akin to a mathematical model must be developed, and this is exactly what two computer engineers from Iowa State University are working on via an approximate $777k grant from the National Science Foundation. Ultimately, the model will be incorporated into an off-the-shelf software tool that can be utilized by any electric utility.
In a nutshell, the game theory component of the model will help users determine the best decision or course of action in a given scenario. And although the initiative specifically applies to electric utilities initially, the team has plans to expand its usage to other “cyber-physical-infrastructure” as well, such as water & gas utilities, pipeline operators, and transportation companies. Click here to learn more about the Iowa State initiative.
The application of game theory to optimize system hacking threat quantification is exciting, and I’ll be closely watching as this and similar efforts unfold.