Agent-Based Modelling of O ensive Actors in Cyberspace

Abstract

With the rise of the Information Age, there has also been a growing rate of attacks targeting information. In order to better defend against these attacks being able to understand attackers and simulate their behaviour is of utmost importance. A recent approach of using serious games provides an avenue to explore o ensive cyber attacks in a safe and fun environment. There exists a wide range of cyber attackers, with varying levels of expertise whose motivations are di erent. This project provides a novel contribution in using games to allow people to role play as malicious attackers and then using these games as inputs into the simulation. A board game has been designed that emulates a cyber environment, where players represent o ensive actors, with seven roles - Cyber Mercenary (low and high capability), State-backed (low and high capability), Script Kiddy, Hacktivist and Counter-culture (not motivated by nances or ideology). The facilitator or the Games Master (GM) represents the organisation under attack, and players use the Technique cards to perform attacks on the organisation, all cards are sourced from existing Tools, Techniques and Procedures (TTPs). Along with the game, players also provided responses to a questionnaire, that encapsulated three individual dif ferences: Sneider's self-report, DOSPERT and Barratt's Impulsiveness scale. There was a total of 15 players participating in 13 games, and three key groups of individual di erences players. No correlation was identi ed with the individual Technique card pick rate and role. However, the complexity of the attack patterns (Technique card chains) was modulated by roles, and the players' individual di erences. A proof-of-concept simulation has been made using an Agent-Based Modelling framework that re-plays the actions of a player. One of the aspects of future work is the exploitation of the game data to be used as a learning model to create intelligent standalone agents.