Cybersecurity Threat Assessment Integrating Qualitative Differential and Evolutionary Games

Most current game theory-based cybersecurity analysis methods use traditional game models, which do not meet realistic conditions of continuous dynamic changes in attack-defense behaviors and decision makers without perfect rationality, and therefore they adapt with difficulty to the practical requirements of cybersecurity threat assessment. This paper draws on infectious disease dynamics methods to describe the cybersecurity threat propagation process. It constructs a dynamic game model of a cybersecurity threat based on continuous attack-defense confrontation and boundedly rational decision makers, combining qualitative differential and evolutionary game theories. Qualitative differential games are used to analyze the confrontation process of security threats, calculate attack-defense barriers, and construct a benchmark to measure the degree of a security threat. Evolutionary games are used to analyze the dynamic change of attack-defense strategy-selection probabilities based on replicator dynamics, and to deduce the evolutionary trajectory of the network security state. We then calculate the multidimensional Euclidean distance between the evolutionary trajectory and the attack-defense barrier metric benchmark, and use it as the basis for a dynamic threat assessment algorithm to improve the timeliness and objectivity of threat assessment. Simulation experiments show that the model and algorithm are effective and feasible.