Foundations of Cyber Resilience: The Confluence of Game, Control, and Learning Theories
Cyber resilience is a complementary concept to cybersecurity, focusing on the preparation, response, and recovery from cyber threats that are challenging to prevent. Organizations increasingly face such threats in an evolving cyber threat landscape. Understanding and establishing foundations for cyber resilience provide a quantitative and systematic approach to cyber risk assessment, mitigation policy evaluation, and risk-informed defense design. A systems-scientific view toward cyber risks provides holistic and system-level solutions. This chapter starts with a systemic view toward cyber risks and presents the confluence of game theory, control theory, and learning theories, which are three major pillars for the design of cyber resilience mechanisms to counteract increasingly sophisticated and evolving threats in our networks and organizations. Game and control theoretic methods provide a set of modeling frameworks to capture the strategic and dynamic interactions between defenders and attackers. Control and learning frameworks together provide a feedback-driven mechanism that enables autonomous and adaptive responses to threats. Game and learning frameworks offer a data-driven approach to proactively reason about adversarial behaviors and resilient strategies. The confluence of the three lays the theoretical foundations for the analysis and design of cyber resilience. This chapter presents various theoretical paradigms, including dynamic asymmetric games, moving horizon control, conjectural learning, and meta-learning, as recent advances at the intersection. This chapter concludes with future directions and discussions of the role of neurosymbolic learning and the synergy between foundation models and game models in cyber resilience.
Forward citations
Cited by 4 Pith papers
- A Variational Framework for LLM Generator-Regulator Games
  A variational framework is developed for regulated language generation, casting generator-regulator interactions as a saddle-point problem over message distributions with applications to moderation and phishing defense.
- AI Tokenomics: The Economics of Tokens, Computation, and Pricing in Foundation Models
  Develops a framework linking token-level technical costs to workflow-level economic value and market design in AI foundation models.
- Insurance of Agentic AI
  Agentic AI requires a coordinated layered insurance ecosystem integrating cyber, liability, and performance coverages rather than a single new product.
- Cooperative and Noncooperative Paradigms for Game-Theoretic Control of Socio-Technical Systems
  A tutorial surveying game-theoretic approaches for modeling and controlling socio-technical systems with human and infrastructure interactions.