Cyber Security, Imperfect Information Stochastic Game - Literature review Example

Cyber Security METHODOLOGY Selection of research methods is a vital component in the research process (Singleton & Straits, 2010; Creswell, 2007). Therefore, in this research, numerous forms of corresponding qualitative research methods have been employed in the process of evaluating theories and documented evidence. On the other hand, there are other qualitative research methods, which have been employed in the process of gathering background evidence concerning incidents reports for setting the scene. Concerning the social science, there is an integration and amalgamation of qualitative and quantitative process in the research design in order to conduct a social investigation, which is based on definite philosophical probabilities (Creswell, 2007). Moreover, this integration contributes substantially to the process of gathering and examining records, construe and reporting results (Greene, 2007). In fact, this incomparable approach has augmented various social scientists by facilitating comprehensive and wide-ranging strategies for dealing with difficulties experienced in learning (Singleton & Straits, 2010; Creswell & Clark, 2007; Greene, 2007). Nonetheless, Greene (2007) asserted that this approach entails a process of perceiving the world in numerous methods; thus, understanding its predicaments and phenomenon. Nevertheless, there are instinctive defects in either quantitative or qualitative processes, which leads to constraints associated with value and a possibility of tilting results derived from analysis. Moreover, application of diverse process approaches comprising of assorted quantitative and qualitative process leads to imperfection and potencies. However, these partialities are balanced to ensure that there are better solutions, which can enlighten predicaments under the study (Creswell & Clark, 2007; Singleton & Straits, 2010). Creswell and Clark (2007) explain that there are consequent limitations associated with the process of addressing varied process approaches involved in social investigation. However, there are other benefits derived from utilization of process approaches such as having a chance to select various quantitative and qualitative instruments. In fact, researchers are able to deal with problems associated with the process of conducting all-inclusive study. Furthermore, these process approaches offer aptitude for responding to detail research queries and for collaborating with other researchers in other orders. These process approaches offers basis of integrating different worldviews, thereby offering a comprehensive clarification of a crisis. Lastly, they offer capacity to amalgamate inductive and deductive process of thinking. In fact, Connelly (2009) asserted that there are benefits derived from application of diverse process plans through an auxiliary sense. In this case, qualitative data can be used to add value to quantitative figures and vice vassal. Resources Developed cyber security, which is based on Industrial Control Systems Cyber Emergency Response Team (ICS-CERT), deliberates to monitor events of cyber-security that has implications on crucial procedures and manufacturing control systems. Moreover, this entails procedures aimed at dealing with cyber-related incidents such as external hacks, virus attacks, assaults and Denial of Service (DoS). Therefore, vital information during the research is obtained from exploring common cyber-related events and other classified reports from various companies, which allow access to their records. On the other hand, the research will focus on the common sources that entail reviews from Eurostat, ENISA, CSI and consultancies, reports of security gap disclosure, constant monitoring of assault patterns such as Symantec, McAfee and Microsoft and reports gathered from trade bodies such as banking trade associations and Anti-Phishing Working Group. Methodology in this study focuses on gauging and assessing methods that are applicable in the process of data collection and reporting of incidents. There will be a review of reports in order to identify substantial components of security-peril review model. This also entails reorganization and examination of facts in a way that verifies cyber security catastrophes in technological, rule or society. In addition, advances of the research focuses on review of literatures based on various theoretical perceptions. Crucial constituent of the game theory involves its aptitude of predicting equilibrium and analyzing the behaviors. In fact, the research focusing on game theory based on quantitative framework offers mathematical models analysis, though it causes difficulties in modeling network security. In this case, this research will focus on examining, comparing and analyzing the nomenclature of game theory as depicted by various literatures. Moreover, this will involve focusing on identification of applicable theory, which proposes solution of cyber security issues. Obviously, the method section of the study will focus on evaluating and analyzing the game theory concerning cyber security, through a process based on non-cooperative model. The study will also employ methodical, thorough and auditable analytical process, based on qualitative study design. In addition, it will also involve both qualitative and quantitative analysis in the process of evaluating and analyzing documents of incident reports with details of attacker’s tools, trends and countermeasures. Therefore, this research applies a design that explores subjects that are randomly assigned to a specific group. On the other hand, each of the research questions will be approached through a comparison based on the aggregate score of the subject group. ANOVA statistical test will be conducted after determination and consideration of its applicability and appropriateness. However, this test will be based on the postulation that parametric test are independent and distributable. In fact, this approach will follow definitive double objective aimed at enclosing episodes of data foundations, which are substantial elements of the entire source in function of cyber security. Furthermore, the enclosure will focus on formal condition of condition of the cyber security countermeasure, which can prevent cases on computer assaults. Conclusion Using a successive mixed method procedural manner, I will analyze process for qualitative part and will expand a theoretical model that demonstrates theories and quantitative portion that demonstrates practices (descriptive statistics) through which the software can fully presents actual analysis. Analyzing existing material philosophical approaches is the main part of this qualitative research that entails researcher review of incident report documents regarding detail of the attacker’s tools/means in qualitative approach. LITERATURE REVIEW According to Sankardas, Ellis, Shiva, Dasgupta, Shandilya and Wu (2010) the game theory applies to a situations involving multi-personal decisions, whereby there are players (defenders and attackers) expected to select strategies that derive benefits, while expecting rational actions from other players. Nonetheless, there are dynamic games that involve complete or incomplete information, and these sub-classes are discussed through exploration of other research works (Sankardas et al. 2010). Incomplete perfect information According to (Pavel, 2012), game theoretic model can be applied in designing response to significant scanning of attacks caused by internet worms. In fact, this notion is based on the idea that defenders have the ability to select deployment strategies through group distribution. Moreover, this is applicable in the process of introducing ways to reduce the speed of worm proliferation. Nevertheless, the attacker chooses most favorable distribution of group scanning in order to maximize the rate of infection. In this case, the game theory intervenes between the role of attacker and defender. In other words, the attacker seeks to maximize the decreased speed of worm circulation, and the defender’s interest is to reduce the maximum speed of worm circulation. Nevertheless, the problem can be solved by deployment of application in the whole space of IP-address or in every enterprise network. Therefore, this leaves the attacker with a strategy of attacking, which is correspondent to strategy random scanning. Detection The process of detection is related to ISS, whereby it involves identifying the security breaches in the organization. In fact, Straub and Nance (1990) asserts that there are three strategies employed in identifying incidences of computer abuse, which include; purposeful detection activities, internal system controls, accidental discovery. Nevertheless, purposeful detection of computer abuse is highly preferred compared to the other two methods. Furthermore, there are few organizations, which employ systematic approaches for detecting cases of computer abuses (Hoffer & Straub, 1989). Therefore, it leads to increased cases of computer abuse that can be identified via normal system control or accidentally. However, purposeful investigations are more contributive compared to “fishing expeditions” in the process of detecting computer abuse (Straub and Nance, 1990). Imperfect Information Stochastic Game Sankardas et al. (2010) explains that both static and dynamic games are explicit to the category of DoS attacks and their countermeasures. On the other hand, imperfect information stochastic game is applicable to generic cyber security events. Moreover, there were previous proposals of applying stochastic game model as to cyber attacks and defense mechanisms (Lye & Wing 2005). However, changes in state of the game theory are based on the procedures undertaken by attackers and defenders or system configurations. In the process of state transition, both defenders and attackers acquire a payoff or incur costs, though there are techniques used for determination of effective strategies, through which entire payoff can be obtained; in fact, this techniques considers the possible strategies of adversary. Limitation Current approaches of game-theoretic security are based on games with perfect information, static game models or games having absolute information (Liu, Comaniciu, & Man, 2006; Alpcan & Pavel, 2009; Nguyen, Alpcan, & Basar 2009). Nevertheless, there are dynamic games, which have curtailed and faulty information regarding the attacker. Moreover, there are current models that involve dynamic game having curtailed and defective information and they are definite to wireless networks (Alpcan, & Basar, 2004). Game-theoretic research that applies to cyber security is classified in non-cooperative games. In this case, the research paper fails to offer expansive details regarding ‘cooperative games’ and to explore mathematical procedures of game theory. Consequently, this creates the difficulty in identifying vital security faults because of security reasons concerning financial organizations. References Sankardas R., Ellis, C., Shiva, S., Dasgupta, D., Shandilya, V. & Wu, Q. (2010). A Survey of Game Theory as Applied to Network Security. Department of Computer Science, University of Memphis. Retrieved from: http://people.cis.ksu.edu/~sroy/hicss43.pdf   Read More