Share Email Print
cover

Proceedings Paper

Simulating cyber warfare and cyber defenses: information value considerations
Author(s): Martin R. Stytz; Sheila B. Banks
Format Member Price Non-Member Price
PDF $14.40 $18.00
cover GOOD NEWS! Your organization subscribes to the SPIE Digital Library. You may be able to download this paper for free. Check Access

Paper Abstract

Simulating cyber warfare is critical to the preparation of decision-makers for the challenges posed by cyber attacks. Simulation is the only means we have to prepare decision-makers for the inevitable cyber attacks upon the information they will need for decision-making and to develop cyber warfare strategies and tactics. Currently, there is no theory regarding the strategies that should be used to achieve objectives in offensive or defensive cyber warfare, and cyber warfare occurs too rarely to use real-world experience to develop effective strategies. To simulate cyber warfare by affecting the information used for decision-making, we modify the information content of the rings that are compromised during in a decision-making context. The number of rings affected and value of the information that is altered (i.e., the closeness of the ring to the center) is determined by the expertise of the decision-maker and the learning outcome(s) for the simulation exercise. We determine which information rings are compromised using the probability that the simulated cyber defenses that protect each ring can be compromised. These probabilities are based upon prior cyber attack activity in the simulation exercise as well as similar real-world cyber attacks. To determine which information in a compromised "ring" to alter, the simulation environment maintains a record of the cyber attacks that have succeeded in the simulation environment as well as the decision-making context. These two pieces of information are used to compute an estimate of the likelihood that the cyber attack can alter, destroy, or falsify each piece of information in a compromised ring. The unpredictability of information alteration in our approach adds greater realism to the cyber event. This paper suggests a new technique that can be used for cyber warfare simulation, the ring approach for modeling context-dependent information value, and our means for considering information value when assigning cyber resources to information protection tasks. The first section of the paper introduces the cyber warfare simulation challenge and the reasons for its importance. The second section contains background information related to our research. The third section contains a discussion of the information ring technique and its use for simulating cyber attacks. The fourth section contains a summary and suggestions for research.

Paper Details

Date Published: 20 May 2011
PDF: 12 pages
Proc. SPIE 8060, Modeling and Simulation for Defense Systems and Applications VI, 80600H (20 May 2011); doi: 10.1117/12.882891
Show Author Affiliations
Martin R. Stytz, Drexel Univ. (United States)
Sheila B. Banks, Calculated Insight (United States)


Published in SPIE Proceedings Vol. 8060:
Modeling and Simulation for Defense Systems and Applications VI
Eric J. Kelmelis, Editor(s)

© SPIE. Terms of Use
Back to Top