Inductive Inference of Security

ABSTRACT

We model security games by combining methods of epistemic game theory and algorithmic information theory. Remarkably, the combination of these two technically and conceptually challenging mathematical theories turns out to be technically simpler than either of them, and perhaps even conceptually clearer. The resulting model turns out to be closely related to the mathematical models of science as inductive inference of algorithms. Introduced in Solomonoff's seminal work in the 1960s, such models are nowadays widely used in algorithmic learning and occasionally in experiment design. The observation that the process of designing secure systems and adapting them after attacks yields to the models of scientific theory formation, testing and refinement brings some concrete problems of cyber security, such as reasoning about security by obscurity, on the well ploughed ground of scientific methods.

Dusko Pavlovic is Professor of Information Security at Royal Holloway, University of London, where he leads ASECOLAB, the Adaptive Security and Economics Laboratory. His current research interests concern theory of security, network and quantum computation, and information extraction.