Stochastics and StatisticsFalse targets efficiency in defense strategy
Introduction
Determining risk reduction strategies applying reliability theory have usually assumed a static external threat.1 Bier and Abhichandani, 2002, Bier et al., 2005 assume that the defender minimizes the success probability and expected damage of an attack.2 Levitin (2007) determines the expected damage for any distribution of the attacker’s effort and any separation and distribution of the defender’s effort. The September 11, 2001 attack illustrated that major threats today involve strategic attackers. The defender and attacker of a system of components are fully strategic optimizing agents.3
This paper considers the situation where the defender has a single object that can be destroyed by the attacker. To reduce the attack probability the defender can deploy false targets. False targets are effective only if the attacker cannot distinguish them from the defended object (genuine target) with 100% confidence. In this paper, we consider the case where the attacker has no preferences for attacking one target rather than another target. If false targets are deployed, the attacker can attack each one of these targets or the genuine target or any group of targets with equal intensity. The attacker can decide to attack a subset of the targets. The article assumes that both the defender and attacker have complete information about the structure of the game, the strategy sets (which specify the ranges for the free choice variables), and all parameters, and full rationality.
False targets have to the authors’ knowledge not been discussed within the realm of a contest between a defender and an attacker. Sometimes the word decoy is used, and within computer security the term honeypot is common. Let us consider a few real-world examples to help to motivate the paper. The objective of a false target is to distract or conceal something that someone else may search for (to gain access to, control, destroy, etc.). A false target in war may be a wooden fake tank designed to be mistaken to be real by the crew of an attacking plane. The design of the false target may be adjusted to the technology of the attacker, which e.g. may be an automatic guided missile. Another example arises if it proves difficult to camouflage something of value, e.g. a power station, e.g. in an open landscape. An alternative to camouflage is to spread multiple entities with the same appearance as the genuine target, but with empty content, e.g. empty buildings of concrete which cannot be detected as fake unless when broken into.
Section 2 presents the model. Section 3 assumes fixed attacker and defender resources. Section 4 considers variable attacker and defender resources. Section 5 concludes.
Section snippets
The model
In the case with fixed resources r and R, the defender’s free choice variable is the number N of false targets, and the attacker’s free choice variable is the number Q of targets to attack. In the case with variable resources, the defender’s free choice variables are N and r, while the attacker’s free choice variable are Q and R. The discrete quantities Q and N are treated as continuous variables. If N false targets are deployed, the total number of targets is N + 1. The destruction of any number
Fixed attacker and defender resources
This model is relevant in the cases when both the attacker and the defender have non-zero resources that are not enough to reach the equilibrium strategies in the game with variable resources (considered in the next section), which takes place when the attack and the defense costs are much lower than the expected damage.
The total attacker’s resource is R. The cost of the attacker’s effort unit is A. Therefore the total effort the attacker can make is R/A. If the attacker decides to attack Q out
Variable attacker and defender resources
The previous section assumed that the defender and attacker have to use their specified resources r and R in their entirety. This can be realistic when agents have specific budgets which cannot be exceeded (e.g. through borrowing), and when there are incentives to use the entire budget (e.g. because it gets lost when not used or because the expected damage caused by the attack is much greater than the budgets). But, agents can sometimes adjust their resources more flexibly. This section assumes
Conclusion
In a situation where the defender has a single object that can be destroyed by the attacker and deploys false targets to reduce the attack probability, the optimal number of false targets in general depends on the resources available to the attacker and the defender, on the false target cost and on the contest intensity. False targets are effective only if the attacker cannot distinguish them from the defended object (genuine target).
The optimal number of false targets is determined in this
References (21)
- et al.
Protection of simple series and parallel systems with components of different values
Reliability Engineering and System Safety
(2005) Income, interdependence, and substitution effects affecting incentives for security investment
Journal of Accounting and Public Policy
(2006)Strategic defense and attack for series and parallel reliability systems
European Journal of Operational Research
(2008)Optimal multilevel protection in series-parallel systems
Reliability Engineering and System Safety
(2003)Optimal allocation of multi-state elements in linear consecutively connected systems with vulnerable nodes
European Journal of Operational Research
(2003)- et al.
Optimal separation of elements in vulnerable multi-state systems
Reliability Engineering and System Safety
(2001) - et al.
Optimizing survivability of vulnerable series-parallel multi-state systems
Reliability Engineering and System Safety
(2003) - et al.
Optimizing survivability of multi-state systems with multi-level protection by multi-processor genetic algorithm
Reliability Engineering and System Safety
(2003) - et al.
Optimal resource allocation for security in reliability systems
European Journal of Operational Research
(2007) - et al.
Optimal allocation of resources for defense of simple series and parallel systems from determined adversaries
Cited by (66)
A review of attacker-defender games: Current state and paths forward
2024, European Journal of Operational ResearchFifty Years of Operations Research in Defense
2024, European Journal of Operational ResearchCyber deterrence with imperfect attribution and unverifiable signaling
2023, European Journal of Operational ResearchImproving defensive air battle management by solving a stochastic dynamic assignment problem via approximate dynamic programming
2023, European Journal of Operational ResearchTime dependent network resource optimization in cyber–physical systems using game theory
2021, Computer CommunicationsResource allocation among multiple targets for a defender-attacker game with false targets consideration
2021, Reliability Engineering and System Safety