Application of the Hypergame Theory to Security Analysis and Decision Support for Security Incident Response

To date, there are a lot of research works related to the application of game theory to model the interaction between a cyber attacker and defender. At the same time there are some challenges that prevent development and practical application of such approaches. One of the challenges is that at each point in time, the cyber attacker and the defender do not have accurate information about the adversary’s strategy, which results in an uncertainty in choosing their own strategy. The paper considers the application of hypergame theory to process this uncertainty. The authors use the attack graph is used to determine the possible strategies of the cyber attacker, while the graph of dependencies between the assets of the information system is used to determine the gain when applying a particular strategy. Thus, the result of the research is a proposed approach to security analysis and decision support for security incidents response based on the hypergame theory.

Year of Publication
Date Published
Google Scholar | BibTeX | DOI