October 25, 2021


Evaluating Attacker Risk Behavior in an Internet of Things Ecosystem. (arXiv:2109.11592v1 [cs.CR])

In cybersecurity, attackers range from brash, unsophisticated script kiddies
and cybercriminals to stealthy, patient advanced persistent threats. When
modeling these attackers, we can observe that they demonstrate different
risk-seeking and risk-averse behaviors. This work explores how an attacker’s
risk-seeking or risk-averse behavior affects their operations against
detection-optimizing defenders in an Internet of Things ecosystem. Using an
evaluation framework which uses real, parametrizable malware, we develop a game
that is played by a defender against attackers with a suite of malware that is
parameterized to be more aggressive and more stealthy. These results are
evaluated under a framework of exponential utility according to their
willingness to accept risk. We find that against a defender who must choose a
single strategy up front, risk-seeking attackers gain more actual utility than
risk-averse attackers, particularly in cases where the defender is better
equipped than the two attackers anticipate. Additionally, we empirically
confirm that high-risk, high-reward scenarios are more beneficial to
risk-seeking attackers like cybercriminals, while low-risk, low-reward
scenarios are more beneficial to risk-averse attackers like advanced persistent