Résumé :

Cybersecurity is a context in which at least two agents, namely a defender and an attacker, interact to achieve conflicting objectives. As such, its analysis with game theory is natural. Most game theoretic approaches for cybersecurity rely on analytical games described by a reward function depending on agent actions, and the goal is often to find equilibriums (e.g, Nash equilibrium). However, these techniques imply a new analysis for each particular system or network. Contrarily, defining Multi-Agent System (MAS) formalisms adapted to describe multi-step attacks can help generically design defense systems. Moreover, model checking defender strategic abilities in the MAS offers guarantees on active cyber defenses leveraged by the security team, including honeypots (i.e, deception mechanisms) and Moving Target Defenses (i.e, system reconfiguration). The existing formalisms do not capture all the aspects of active defenses, so we developed Capacity Alternating-time Temporal Logic to reason about strategic abilities under imperfect information of the agents’ capacities. Lien Zoom : https://zoom.us/j/93056321213?pwd=d2JkMG5tQnNYM2FqU3U2VVFxanNkQT09