How can any organisation detect the onset of an attack on its computer network, giving it time to respond quickly and block any intrusion or compromise of its data? The answer could lie in game theory.
Modern firewalls and other technology are already in place, but these have not prevented major attacks on prominent networks in recent months. Now, information technologist Heechang Shin of Iona College in New Rochelle, New York, has used game theory to develop a defence mechanism for networks that is more effective than previous approaches.
Shin explains that each incident might not only severely disrupt services affecting thousands of people but for a commercial operation it can take as much as one percent of annual sales, per incident, amounting to tens of millions of dollars, according to an Iona statement.
Shin has now developed an effective anti-hacking tool based on a game theoretic model, called defensive forecasting, which can detect network intrusions in real time, the International Journal of Business Continuity and Risk Management reports.
The tool, by playing a “game” of reality versus forecast, wins when reality matches its forecast and it sends out an alert to block the intrusion.
Importantly, the tool works on real-time data flowing in and out of the network rather than analysing logs, an approach that can only detect network intrusions after they have taken place.
The game theoretic model continuously trains the tool so that it can recognize the patterns of typical network attacks: denial of service attacks, unauthorised access from remote machines in which login passwords are being guessed or brute-force tested, attacks by insiders with “superuser” etc.
