Here's a video of 1,700 time steps, with 20x speed-up.
What you see in this simulation is an ecosystem that provides a positive environment for both Defenders and Attackers. That is, they both have consistently positive payoffs (see bar graph, center left).
While the overall trends of payoffs are pretty clear (bottom graph), there is an "unruly" back and forth between attackers and defenders. Crucially, the time series of payoffs is non-stationary for all agents (see center graphs, third and fourth from the top). Simply, non-stationary means that the probability distribution for each payoff changes over time. You can see a sample distribution of payoffs in the two histograms, center right. You'll notice them changing shape (going from skew to symmetric) and also changes in mean and standard deviation ("SD"). Non-stationarity has implications for risk estimation, as I will detail in the up-coming WEIS paper.
In terms of progress toward the goal, I would say this is not yet a model of cyber security investment. It models competitive relationships rather than not host-parasite relationships which I believe are close to the true nature of cyber security ecosystems. The good news is that I believe I know what extensions and modifications need to be made. I'll save that for a later post.
Here are some key features of this version of the model:
- Three levels of investment: 1) architecture/infrastructure; 2) capabilities; 3) practices/routines (a.k.a. "moves")
- Asymmetric number and variety of "moves" for Defenders and Attackers
- Parametric control over diversity of "moves" and investments by Defenders and Attackers
<update>
Here is the same run after 4,000 time steps. No sign of equilibrium or stationary time series.
 |
| (Click to enlarge) |
No comments:
Post a Comment