Search GSSD

Would a 'Cyber Warrior' Protect Us? Exploring Trade-Offs Between Attack and Defense of Information Systems

"Recent rep orts to address cybersecurity risks have focused on leveraging the immense technical capacity of the American intelligence community to protect the nation's information technology infrastructure, and to project power in a new domain. This creates a potential conflict of interest: the joint duties of breaking into foreign systems while securing our own raises questions about competing goals. This paper highlights that tension, and introduces two game-theoretic models of the strategic decisions faced in security vulnerability discovery and disclosure. The country must both protect itself in the new domain and pursue an offensive advantage while still remaining at risk. One game describes a cold war of stockpiling, while the other allows for actual attack. In both models, we predict that at least one state will have an incentive to pursue an aggressive cyber war posture, rather than secure its own systems."
Allan Friedman, Tyler Moore, and Ariel D. Procaccia
Center for Research on Computation and Society, Harvard University
Industry Focus: 
Information & Telecommunication
Internet & Cyberspace
United States
Bibliographies & Reports