Active Defence: An Evolving Gaming Strategy for Attacker Defender in a Network Environment

Abstract

This paper uses active defense mechanism to determine appropriate strategies for attackers and defenders in a simple network security game, using a method which is generic to many other security games. The largest problem facing active defence is determining what actions to take and when to take them given the risks of the actions and the risk of the threats. This leaves only one choice: to implement a defence that can mitigate a threat in real-time that it is detected and the time that it would achieve its goal. This is the essence of active defence. This presents the concept of computing the risk available to the process proactively. Due to resource constraint in time, we will not build a heuristic model for a simulated Game theory that could be set up to give detail experiment; but this paper will expose and stress on the concept of predicting an attacker technique theoretically that could be applied to develop an active defence strategy by evolving an attacker and defender population in parallel and then testing them against each other by considering a prototype generic algorithm for the simulated environment.