Catch the Cyber Thief: A Multi-Dimensional Asymmetric Network Attack-Defense Game

This paper presents a novel multi-dimensional asymmetric game model for network attack-defense decision-making, called "Catch the Cyber Thief". The model is built upon the concept of partially observable stochastic games (POSG) and is designed to systematically incorporate multi-dimensional asymmetry into network attack-defense problems. The attack agent is called a "thief" who wants to control a key host by exploring the unfamiliar network environment, and the defense agent is called a "police" who needs to catch the opponent before its goal is accomplished. The results indicate that the asymmetry of network attack and defense is not only influenced by attack and defense strategies but also by spatio-temporal factors such as the attacker's initial position, network topology, and defense lag time. In addition, we have found that there may exist the "attack rhythm," which makes "how to maintain a good attack rhythm" and "how to generate a robust defense strategy against different attackers" worth exploring. Compared with existing attack-defense game models, our game model can better generate a direct mapping relationship with real elements, enabling us to understand network attack and defense interactions better, recognize security risks, and design defense strategies that can directly serve real-world decision-making.