Strategy-Aware Mitigation Using Markov Games for Dynamic Application-Layer Attacks

Targeted and destructive nature of strategies used by attackers to break down the system require mitigation approaches with dynamic awareness. In the domain of adaptive software security, the adaptation manager of a self-protecting software is responsible for selecting countermeasures to prevent or mitigate attacks immediately. Making a right decision in each and every situation is one of the most challenging aspects of engineering self-protecting software systems. Inspired by the game theory, in this research work, we model the interactions between the attacker and the adaptation manager as a two-player zero-sum Markov game. Using this game-theoretic approach, the adaptation manager can refine its strategies in dynamic attack scenarios by utilizing what has learned from the system´s and adversary´s actions. We also present how this approach can be fitted to the well-known MAPE-K architecture model. As a proof of concept, this research conducts a study on a case of dynamic application-layer denial of service attacks. The simulation results demonstrate how our approach performs while encountering different attack strategies.