Simulating cyber warfare is critical to the preparation of decision-makers for the challenges posed by cyber attacks.
Simulation is the only means we have to prepare decision-makers for the inevitable cyber attacks upon the
information they will need for decision-making and to develop cyber warfare strategies and tactics. Currently, there
is no theory regarding the strategies that should be used to achieve objectives in offensive or defensive cyber warfare,
and cyber warfare occurs too rarely to use real-world experience to develop effective strategies. To simulate cyber
warfare by affecting the information used for decision-making, we modify the information content of the rings that are
compromised during in a decision-making context. The number of rings affected and value of the information that is
altered (i.e., the closeness of the ring to the center) is determined by the expertise of the decision-maker and the
learning outcome(s) for the simulation exercise. We determine which information rings are compromised using the
probability that the simulated cyber defenses that protect each ring can be compromised. These probabilities are
based upon prior cyber attack activity in the simulation exercise as well as similar real-world cyber attacks. To
determine which information in a compromised "ring" to alter, the simulation environment maintains a record of the
cyber attacks that have succeeded in the simulation environment as well as the decision-making context. These two
pieces of information are used to compute an estimate of the likelihood that the cyber attack can alter, destroy, or
falsify each piece of information in a compromised ring. The unpredictability of information alteration in our
approach adds greater realism to the cyber event.
This paper suggests a new technique that can be used for cyber warfare simulation, the ring approach for modeling
context-dependent information value, and our means for considering information value when assigning cyber
resources to information protection tasks. The first section of the paper introduces the cyber warfare simulation
challenge and the reasons for its importance. The second section contains background information related to our
research. The third section contains a discussion of the information ring technique and its use for simulating cyber
attacks. The fourth section contains a summary and suggestions for research.
|