Skip to main content

Changing the game: Winning paper models cyberwarfare game theory

ASU professors' work honored in NSA's sixth annual competition

Tiffany Bao

Arizona State University Assistant Professor Tiffany Bao.

January 02, 2019

Arizona State University Assistant Professor Tiffany Bao won best paper for her collaborative research on cyberwarfare at the NSA’s sixth annual Best Scientific Cybersecurity Paper Competition.

Bao, a new faculty member in the School of Computing, Informatics, and Decision Systems Engineering, one of the six schools in ASU’s Ira A. Fulton Schools of Engineering, partnered with Fulton Schools Assistant Professors Yan Shoshitaishvili and Ruoyu Wang, and collaborations from Carnegie Mellon University and the University of California, Santa Barbara on the research.

The research paper, “How Shall We Play a Game? A Game-theoretical Model for Cyberwarfare Games,” explored ways of finding, exploiting and patching vulnerabilities to prepare for a strategic cyberbattle. Game theory allows researchers to model situations where decision-makers interact in a competitive activity. In the context of cyberwarfare, the decision-makers try to protect themselves or attack an organization’s information systems for strategic or military purposes.

Currently, players or decision-makers develop strategies manually, which slows down developments in the field. ASU researchers have created a new, more comprehensive cyberwarfare model that considers a greater number of decision-makers, actions and choices. Every action, including attacks and defensive maneuvers, reveals information to adversaries about vulnerabilities and choices. The new strategies aid both humans and computers in making decisions about previously unknown vulnerabilities in their own systems.

“Our model is capable of finding better solutions than previous work within seconds, making computer-time strategic reasoning a reality,” the researchers wrote in the recognized paper. “We also provide new insights, compared to previous models, on the impact of optimal strategies.”

Using this approach and strong scientific methods, the authors developed an improved cyberwarfare strategy and tested it on a previous Cyber Reasoning System entered into the DARPA Cyber Grand Challenge. In that competition, teams designed computer systems to identify flaws and protect their host systems.

“Our paper highlights the importance of making the right move in cybersecurity,” Bao said. “It reminds people that a software security technique has its practical merit only to the extent it can be used to achieve a security goal, such as protecting national computing resources.”

For the original paper, which was presented at the 30th IEEE Computer Security Foundations Symposium in 2017, Bao and five other researchers from across the country applied game theory toward advancing the human decision-making process.

Their winning paper was selected from 28 nominations of published papers in 2017.

“This is exactly the type of high-impact cybersecurity research we are conducting at ASU,” said Adam Doupé, associate director for the Center for Cybersecurity and Digital Forensics. “It shows the strength of our new faculty.”

More Science and technology


Photo of two students talking at a table with a poster that reads "RISE Ambassador."

Sara Brownell named among inaugural Charter Professors

Sara Brownell, President’s Professor in the School of Life Sciences and Center for Biology and Society at Arizona State…

February 21, 2024
Two men in suits shake hands

Department of State and ASU announce new initiative to build resilient international microelectronics supply chain

Well known by now is that the CHIPS and Science Act of 2022 was designed to re-establish semiconductor manufacturing, research…

February 20, 2024
A group of people in suits pose next to a U.S. flag.

ASU president, national council urge action to fuel US tech leadership

Arizona State University President Michael Crow and other members of a national advisory council on innovation and…

February 15, 2024