Optimal Decision Making Approach for Cyber Security Defense Using Evolutionary Game

At present, there are many techniques for cyber security defense such as firewall, intrusion detection and cryptography. Despite decades of studies and experiences on this issue, there still exists a problem that we always pay great attention to technology while overlooking strategy. In the traditional warfare, the level of decision-making and the formulation of optimal strategies have a great effect on the warfare result. Similarly, the timeliness and quality of decision-making in cyber attack-defense also make great significance. Since the attackers and defenders are oppositional, the selection of optimal defense strategy with the maximum payoff is difficult. To solve this problem, the stochastic evolutionary game model is utilized to simulate the dynamic adversary of cyber attack-defense. We add the parameter $\lambda $ to the Logit Quantal Response Dynamics (LQRD) equation to quantify the cognitive differences of real-world players. By calculating the evolutionary stable equilibrium, the best decision-making approach is proposed, which makes a balance between defense cost and benefit. Cases studies on ransomware indicate that the proposed approach can help the defender predict possible attack action, select the related optimal defense strategy over time, and gain the maximum defense payoff.