Cyber Terrorism as Game Theory

PLEASE SCROLL DOWN FOR ARTICLE

This article was downloaded by: [Black, dk]On: 30 November 2010Access details: Sample Issue Voucher: Information Security Journal: A Global PerspectiveAccess Details:[subscription number 930380563]Publisher Taylor & FrancisInforma Ltd Registered in England and Wales Registered Number: 1072954 Registered office: Mortimer House, 37-41 Mortimer Street, London W1T 3JH, UK

Information Security Journal: A Global PerspectivePublication details, including instructions for authors and subscription information:http://www.informaworld.com/smpp/title~content=t768221795

A Postmodern Theory of Cyberterrorism: Game TheoryJonathan Matusitza

a University of Central Florida, Lake Mary, Florida, USA

Online publication date: 07 December 2009

To cite this Article Matusitz, Jonathan(2009) 'A Postmodern Theory of Cyberterrorism: Game Theory', InformationSecurity Journal: A Global Perspective, 18: 6, 273 — 281To link to this Article: DOI: 10.1080/19393550903200474URL: http://dx.doi.org/10.1080/19393550903200474

Full terms and conditions of use: http://www.informaworld.com/terms-and-conditions-of-access.pdf

This article may be used for research, teaching and private study purposes. Any substantial orsystematic reproduction, re-distribution, re-selling, loan or sub-licensing, systematic supply ordistribution in any form to anyone is expressly forbidden.

The publisher does not give any warranty express or implied or make any representation that the contentswill be complete or accurate or up to date. The accuracy of any instructions, formulae and drug dosesshould be independently verified with primary sources. The publisher shall not be liable for any loss,actions, claims, proceedings, demand or costs or damages whatsoever or howsoever caused arising directlyor indirectly in connection with or arising out of the use of this material.

http://www.informaworld.com/smpp/title~content=t768221795

http://dx.doi.org/10.1080/19393550903200474

http://www.informaworld.com/terms-and-conditions-of-access.pdf

Information Security Journal: A Global Perspective, 18:273–281, 2009Copyright © Taylor & Francis Group, LLCISSN: 1939-3555 print / 1939-3547 online DOI: 10.1080/19393550903200474

273

UISS1939-35551939-3547Information Security Journal: A Global Perspective, Vol. 18, No. 6, November 2009: pp. 0–0Information Security Journal: A Global Perspective

A Postmodern Theory of Cyberterrorism:Game Theory

A Postmodern Theory of CyberterrorismJ. MatusitzJonathan MatusitzUniversity of Central Florida, Lake Mary, Florida, USA

Address correspondence to Jonathan Matusitz, PhD, University of Central Florida Partnership Center, 100 Weldon Blvd., Sanford, FL 32773. E-mail: [email protected]

ABSTRACT This article analyzes how the battle between computer securityexperts and cyberterrorists can be explained through game theory. This articleis important because it not only applies game theory to the study of cyberter-rorism, which has been rarely done so far, but it also breaks new ground byintersecting the game theoretical model with another theory, social networktheory. An important thesis of this analysis is that under the principles ofgame theory, each player is assumed to be rational; all players wish the out-come to be as positive or rewarding as possible. Another key argument is thatgame theory is a postmodern theory; against opponents who wage attacks in apostmodern fashion, conventional strategies lead nowhere. The cyberterroristand the cyber forensics expert not only engage in real-time game play but alsouse tactics that are not conceivable in conventional conflict.

KEYWORDS Cyberterrorism, game theory, information technology, internet, networks,postmodernism

INTRODUCTIONThis article analyzes how the battle between computer security experts and

cyberterrorists can be explained through game theory. This article is importantbecause it not only applies game theory to the study of cyberterrorism, whichhas been rarely done so far (i.e., Lye & Wing, 2005), but it also breaks newground by intersecting the game theoretical model with another theory, socialnetwork theory. A key premise of this analysis is that under the principles ofgame theory, each player is assumed to be rational; all players wish the out-come to be as positive or rewarding as possible. Game theory is a postmoderntheory; against opponents who wage attacks in a postmodern fashion, conven-tional strategies lead nowhere. The cyberterrorist and the cyber forensicsexpert not only engage in real-time game play but also use tactics that are notconceivable in conventional conflict.

This article begins with an explanation of the rationale for using game theoryin the context of cyberterrorism. The article then provides an extensive literaturereview on game theory, describing the meaning of the theory, three types ofoutcomes that result from the actions taken by the players in the game (i.e.,the Nash equilibrium, the zero-sum game, and the positive-sum game and thenegative-sum game), and the importance of the role of communication in

Downloaded By: [Black, dk] At: 20:41 30 November 2010

J. Matusitz 274

game theory. What comes after the literature review isthe heart of the article: the application of game theoryto cyberterrorism. As such, this section provides aclear definition of cyberterrorism, and describes howgame theory can be applied to this context, how thetheory is postmodern, and what postmodernismmeans. The article ends with a general explanation ofhow game theory and social network theory can beintermingled. Finally, a discussion section and sugges-tions for future research are offered.

RATIONALE FOR USING GAME THEORY

Game theory examines the relationships betweenindividuals or groups, using models with clear state-ments of consequences (individual payoffs) that dependon the actions taken by more than one individual(Aumann & Hart, 1992; Fudenberg & Tirole, 1991; vonNeumann & Morgenstern, 1944). Game theory hasbeen applied to many disciplines: economics, politicalscience, particularly voting decisions (Bilbao, Fernandez,Jimenez, & Lopez, 2002), as well as other numerousdomains, including two important ones for the past sev-eral years (law enforcement and cyber forensics (seeFent, Feichtinger, & Tragler, 2002). The reason for usinggame theory in this study is that game theory is allabout power and control. It deals with two-person (ormore) decision-making situations (with opposing orjoined interests). As explained later, game theory is wellsuited to the analysis of cyberterrorism. Since games fre-quently reproduce or share characteristics with real situ-ations, they can offer strategies for dealing with suchcircumstances. The basic assumption is that the players(decision makers) follow specific objectives and takeinto account both their skills and expectations of theother player’s (decision maker’s) behavior.

Another reason why game theory is suited for thisstudy is that, in the face of opponents who carry outattacks in a postmodern fashion, conventional strategieslead nowhere. The cyber attacker and the computersecurity agent not only engage in real-time game playbut also use strategies that are not conceivable in con-ventional warfare. Game theory can explain howviruses evolve (Turner, 2005). For this reason, the the-ory can greatly contribute to a better understanding ofcyber strategy and its implications. For instance, whena public Web server administrator notices somethingunusual in the network (e.g., caused by a DOS attack),

he or she may suspect that an attack has occurred andthat action must be taken immediately. This impliesthat the two players are in the same context. Oneplayer wants to attack a computer system; the otherwants to protect it. The context involves short-termstrategies on the part of both sides. The interactionsbetween the cyberterrorist and the computer securityagent are to be viewed as a postmodern two-playergame. The goal here is to explain what strategies areused by both players and how computer securityagents can use the outcomes of the game to improvethe security of their network.

LITERATURE REVIEWThis literature review on game theory provides a

description of the theory, illustrates three types of out-comes that result from the actions taken by the playersin the game (i.e., the Nash equilibrium, the zero-sumgame, and the positive-sum game and the negative-sum game), and justifies the role of communication ingame theory.

Description of Game TheoryGame theory, first outlined by John von Neumann

(von Neumann & Morgenstern, 1944), studies howindividuals behave when they are placed in situationsthat require them to interact with other individuals.Game theory analyzes rational behavior in interactiveor interdependent situations and proposes a set ofmathematical tools and models for analyzing theseinteractive or interdependent processes (Neel, 2005). Itrests on the premise that each person “must first knowthe decision of the other agents before knowing whichdecision is best for himself or herself” (Jehle & Reny,2001, p. 267). As the theory suggests, a game consistsof players. The number of players does not matter, butthe theory is best applicable when the number of play-ers does not exceed “a few.” So, each person is a playerin the game and the player is also a decision maker,choosing how he or she acts. Because each playerwants the greatest possible consequence according tohis or her preference, every decision made by eachplayer will have an impact — whether positive or nega-tive — on the outcomes of the game. In other words,each outcome is the result of particular moves made byplayers at a given point in the game (Rapoport, 1974).


275 A Postmodern Theory of Cyberterrorism

The fundamental characteristic of game theory isthe assumption that players are rational and, therefore,look for the maximization of the difference betweentheir own costs and benefits when considering anaction to take. With respect to decisions or movesmade by players, game theory shares fundamentalsimilarities with social exchange theory. Coined byHormans (1958), social exchange theory posits thathuman relationships develop through the use of asubjective cost-benefit analysis and the comparison ofalternatives (e.g., “what my partner gives may be acost to him, just as what my partner gets may be areward”). Just like game theory, social exchange the-ory rests upon rationalization and the outweighing ofperceived benefits. An example of rationalizationwould be the following: “It was the right thing to do.”Thibaut and Kelley (1959) go even further by integrat-ing the notion of irrational moves into the theory.For instance, they illustrated vengefulness as an irra-tional motive (e.g., “I would rather see both of us diethan see him get off easier than I”). They alsoexplained the role of moralization (e.g., “I will be for-given in Heaven”). A parallel to game theory can bedrawn here, as each player is assumed to be rational.This means they all wish the outcome to be as satis-factory as possible according to the specific set ofreward and cost values (Sallhammar, Helvik, &Knapskog, 2006).

As one can see, both game theory and socialexchange theory involve moves, decisions, strategies,or actions that look like those used in a chess game,where each player does not know what moves his orher opponent will take. Therefore, each of the playersmust find a strategy to examine the possible actions ofeach other in the situation. The ultimate goal is todetermine the best course of action for each player(Jehle & Reny, 2001). By providing tools for analyzingstrategic interactions among two or more players,game theory uses simple models to study complexinteractive relations. The advantage is that game theoryhelps illustrate the potential for, as well as the risksassociated with, collaborative behavior among distrust-ful players in the game. Nevertheless, it is important tonote that, unlike in chess, pieces are never removedfrom the game board. As Workman (2005) puts it,under the principles of game theory, players remainlargely nomothetic, even when modeled out as a Con-tinuous Time Markov Chain (CTMC). According tothe premises of CTMC, given the present state, future

states do not depend on past states (Workman, 2004).In other words, the description of the present statecompletely encapsulates and provides all the informa-tion that could affect the future evolution of the process.It is a probabilistic process, not deterministic, that willallow future states to be reached (Markov, 1971).

According to Rapoport (1974), game theoryimplies players (decision makers) and payoffs accu-mulated by each player as a consequence of each pos-sible outcome. A player will always take the path thatwill result in a greater payoff to himself or herself(which means that each player knows the payoffs andthe opponent(s) at any given end state). This alsoimplies that each player seeks to follow the strategiesthat will accomplish the most beneficial goal in everysituation. Of equal relevance is that game theory isthe strategic thinking about how player A will act in asituation where his or her moves will affect player B,whose moves, in turn, will have an impact on playerA. What comes next is a description of three types ofoutcomes that result from the actions taken by theplayers in the game: (1) the Nash equilibrium, (2) thezero-sum game, and (3) the positive-sum game andthe negative-sum game.

Nash Equilibrium

The concept of Nash equilibrium was coined byJohn Nash (1950). It refers to the outcome of a gamethat occurs when one player takes the best possibleaction based on the action of another player. Likewise,the latter player takes the best possible action based onthe action of the first player. In the Nash equilibrium,both players perform their dominant strategies. Whatthis means is that neither of the two players wouldchange his or her strategy if offered the chance to doso at the end of the game. So, each player makes thebest decision that he or she can, taking the actions ofhis or her opponent as given (Mehlmann, 2000).

In addition, the Nash equilibrium also implies thateach player maximizes his or her own actual or expectedpayoff. Recall that the payoff is the outcome obtained bya combination of decisions. Again, each player takes theother player’s current strategies as given (Nash, 1950). So,a player has nothing to gain by changing only his or herown strategy. If a player has chosen a strategy and if heor she cannot benefit by changing that strategy, whilethe other player keeps his or hers unchanged as well,then the current set of strategies and the payoffs that


J. Matusitz 276

result from the outcome of the game constitute a Nashequilibrium (Fudenberg & Tirole, 1991).

Zero-Sum Game

A zero-sum game is a game in which the interests ofeach player are diametrically opposed (von Neumann &Morgenstern, 1944). In other words, regardless of theoutcome of the game, the winnings of one player areexactly balanced by the losses of the other player.What this means is that each of the payoffs must bethe negative of the other(s) (Fudenberg & Tirole,1991). The outcome of the game is named “zero-sum”because when a player adds up his or her total gainsand subtracts the total losses of the other, they willsum to zero. All in all, player A can gain only at theexpense of player B (or vice versa) and the benefits andlosses to both player A and player B sum to the samevalue (von Neumann & Morgenstern, 1944).

Positive-Sum Game and Negative-Sum Game

A positive-sum game is a situation in which eachplayer can benefit from the actions taken by all players,even if some players benefit more than others. Thus, itcan result in one player losing and another gainingwith an overall gain (Mehlmann, 2000). The gainsexceed the losses. A negative-sum game is a situationin which the actions of each player hurt both them-selves and their opponents. It can also result in oneplayer losing and another gaining with an overall loss(Mehlmann, 2000).

THE ROLE OF COMMUNICATION IN GAME THEORY

Communication plays a central role in game theorybecause the theory involves the analysis of conflict,cooperation, and the degree of communicationneeded to reach a desired outcome by each player.Game theory also deals with strategic interaction(Workman, 2008). A strategic interaction requires thatthe players make decisions; the outcome of the gamedepends on the players’ choices. A strategic interac-tion inherently involves human communication. Forinstance, the cyberterrorist needs to find a waythrough communication and trust in order to reach a

collaborative outcome with the computer securityagent. In a collaborative game, the ability with whicheach player communicates, the intensity of communi-cation, and even the organization with which theseplayers communicate can affect, positively or nega-tively, the outcome of the game. If there is no com-munication between two players, then no cooperationcan be formed. However, if they can communicateand engage in cooperative behavior, the outcomewould be quite different. For this reason, repeatedinteraction might lead to different outcomes.

GAME THEORY AS APPLIED TO CYBERTERRORISM

Cyberterrorism is the intentional use of threateningand disruptive actions against computers, networks, orthe Internet in order to cause harm or further ideolog-ical, political, or similar objectives, or to intimidateany person in furtherance of such objectives (Arquilla,Rondfeltd, & Zanini, 1999; Conway, 2002; Dunnigan,2003). A similar definition of cyberterrorism is that itis “aimed at coercing a population or its governmentto accede to certain political or social objectives”(Clem, Galwankar, & Buck, 2003, p. 272). Attacksthrough the Internet need to have a terrorist compo-nent in order to be labeled “cyberterrorism.” From anhistorical standpoint, the word “cyberterrorism” wasborn in the late 1980s when Collin, a senior researchfellow at the Institute for Security and Intelligence(ISI) in California (Collin, 1996), coined this hottechno-phrase by blending two linguistic elements:cyberspace and terrorism. Now that we know whatcyberterrorism means, it would be interesting to seehow game theory can be applied to this context, howthe theory is postmodern, and what postmodernismmeans. Then, an explanation of how game theory andsocial network theory can be intermingled is provided.

Game Theory as Applied to Cyberterrorism: An Overview

Just as we are able to understand the strategies usedby conventional terrorists in a particular game, wemay also be able to understand how cyberterrorists actin a given situation. Two basic principles that make upgame theory are that the players are rational andintelligent in strategic reasoning. With respect to



cyberterrorists, why do many of them try to destroythe computer system of the Pentagon or other federalagencies? Why do they not cripple more targetsoutside those organizations? The answer to these toquestions is simple. Cyberterrorists like to commitmalicious acts where they believe it will help influencethose who make decisions directly in the way of thecyberterrorists’ goals. A network of cyberterrorists has asits main objective to cause damage to the computer sys-tem that it attacks. This damage can take many forms.First, any action undertaken by the computer networkto strengthen its security system against attacks gener-ates benefits for the cyberterrorists because it imposescosts on the computer network. Second, any movetaken by the cyberterrorists that causes damage to thecomputer network increases benefits for the cyberter-rorist (e.g., self-glorification as the “enemy” suffers).

Conversely, the response from the computer net-work against a cyberterrorist action can be twofold:retaliation (offensive) or conciliation (collaborative).Oddly enough, collaboration between the attackersand the defenders can contribute to the shrinking ofthe cyberterrorist network by reducing the number ofmembers who were part of their network. What happensis that the computer network can make it appear thatthe conciliation was not the result of the actions takenby the cyberterrorists. Consequently, some membersmay feel that the cyberterrorist attacks in questionhave not carried the impact they had hoped. In reality,though, the end result is a draw (or a win-win out-come). Retaliation can also increase winnings for bothsides because it expends resources.

The outcome can also be a Nash equilibrium.According to Lye and Wing (2005), a Nash equilibriumgives a computer security expert or a public Web serveradministrator an idea of the cyber attacker’s strategy“and a plan for what to do in each state in the event ofan attack” (p. 9). Finding additional Nash equilibriaallows that public Web server administrator to learnmore about the cyber attacker’s best attack strategies.Just like in a chess game, player A (e.g., a computersecurity agent) does not know the next move of playerB (the cyberterrorist) and vice versa. Player A onlyneeds to act when an attack on the computer networkis suspected. It is fair to assume that both players knowwhat each other is capable of doing. Yet they do noteach other’s next move. Again, it is just like a chessgame, where the game is evolutionary.

Sallhammar, Helvik, and Knapskog (2005) followedthe game model as applied to attacks on computernetworks, based on a reward and cost concept. Theirgoal for using game theory was to compute theexpected attacker behavior in regards to decisionprobabilities. As shown in Figure 1, the game model,based on a reward/cost concept, assumes that attackerswill focus on the reward of successful actions and noton the potential cost of detection (before they takeactions). Attackers will also try to take full advantageof the expected outcome of the attack. Because thegame model hinges on a reward and cost concept, itcan adjust the transition rates of the stochastic modelaccording to a specific threat assumption, such aspotential attackers’ motivation and their awareness ofdetection. The exchanges between an attacker and thesystem are modeled as a two-player zero-sum game(Sallhammar, Helvik, & Knapskog, 2006).

Please take notice of the word “random” in thegraph. This concept is part of stochastic game theory.Stochastic simply means random, a process whosebehavior is nondeterministic; a system’s subsequentstate is influenced both by predictable actions of theprocess and by randomness (Bellomo, 2007). Aftersolving the stochastic game, the expected attackerbehavior is then manifested in the transitions betweenstates in the system model by influencing the transitionrates based on a probability distribution. Eventually,the corresponding stochastic process is employed tocalculate security measures of the system, just as in thetypical availability and reliability analysis of ICT systems(Sallhammar, Knapskog, & Helvik, 2005).

FIGURE 1 The interactions between the attacker and thesystem modeled as a stochastic game.


J. Matusitz 278

Game Theory as Applied to Cyberterrorism: A Postmodern View

As opposed to conventional war techniques, gametheory in cyberspace allows for the use of grand strate-gies aiming at fast and easy disintegration of therespective opponent. Not only can a player make mul-tiple, simultaneous moves at the same time (as if he orshe were composed of multiple selves), but both playersalso can make multiple, simultaneous moves coinci-dentally. In most games, players alternate moves. Incyberspace, this is not true anymore. An opponent canlaunch multiple, simultaneous attacks easily andquickly (Littman, 1994). What this also means is thattime is not “constraining” in the context of cyberterror-ism. In other words, opponents in cyberspace are underno time control constraints (Carmel & Markovtich,1996). Timing for move and state updates is neitherfixed nor defined. In actual space, time is “perspectival”(Gebser, 1985), while in cyberspace, time is “aperspec-tival.” For this reason, time becomes a “fluxing inten-sity, rather than a fixed extensity, and as such it is notprone to being fragmented into identical and repetitiveunits of measurement such as past, present, or future”(Kramer, 1997, p. 122). This is postmodernism.

Postmodernism is a cultural movement of the latetwentieth century (Docherty, 1993; Jameson, 1991)that endorses the view that we are living in an era ofindividual freedom from imposed rules and socialconstraint (McQuail, 2000). One of the fundamentalassumptions underlying the theory of postmodernismis that it implies a blurring of the boundaries betweenpreviously distinct or opposite phenomena (Lister,Dovey, Giddings, Grant, & Kelly, 2003) and representsa shift towards spatialization and a triumph over lin-earity (Bubitt, 2002). For postmodernists, “nothing isthe same, the world is decoherent, discontinuous,uncertain, inconsistent” (Kramer, 1997, p. 10). Mean-ing is not important because it is always indetermi-nate. Meaning is deconstructed (Derrida, 1973). Tohave a good idea of what postmodernism is, it wouldbe interesting to compare it with modernism. Whilemodernism is a reaction to the early twentieth centurymachine age, postmodernism is synonym with the ageof simulation, of online selves, and of computer andelectronic media (McDermott, 1992; Turkle, 1992).

The fragmentary aspect of the Internet and commu-nication in cyberspace give each player more autonomyto create his or her own environment and identity.

While modern identity is a location, postmodern“identity” cannot be localized and “therefore oftenseen as nonidentity” (Kramer, 1997, p. xviii). Becausethey are able to change their identities every secondwith just one mouse click, cyberterrorists are free fromimposed rules and social constraint as they know it inthe perspectival, physical world. Is the other player areal threat, or is it just an FBI agent acting as a cyberspy? Because of the postmodern nature of the Internetand the absence of spatiality, the Web user can moveeffortlessly across the spatial divide. When confront-ing each other in cyberspace, the cyberterrorist andthe computer security agent find themselves in a spaceand time that are aperspectival. Kramer (1997) writesextensively on aperspectival time. For Kramer, “aper-spectival time is a dimensional constituent of theworld. Time is not anywhere, nor is it going ‘any-where.’ Nor is time a “constant” (p. 122).

Postmodernism always implies change and fluidity.This is Derrida’s (1967) deconstruction of meaningand of the Other’s sense making and intentions. Theplayer’s opponent may have an end goal that is com-patible with his or hers. Likewise, the opponent maybe trying for something that the player does not like,yet the opponent does not compromise the player’smission critical objectives (Hsu, Anantharaman,Campbell, & Nowatzyk, 1990; Tesauro, 1994). Alsointeresting is that the Internet and computer technologyallow players to change their goals more quickly andmore frequently (Carmel & Frequently, 1996). Theycan even change the rules. In most games, the rules areknown by all participants beforehand. In the case ofcyberterrorism, anything goes.

Intersection of Game Theory and Social Network Theory in the Study

of CyberterrorismThe reason game theory can intersect with social

network theory in the study of cyberterrorism isbecause the Internet is a large-scale communicationnetwork that cannot be managed by one centralauthority but rather by different nodes or hubs inter-acting with each other and using various strategies.Some nodes are cyberterrorists themselves and part ofthe game. This lends to the analysis of the networksystem using the game theory model, in which com-munication paths or data streams can be altered byselfish nodes — that is, cyberterrorists — who try to



cause damage or modify the state of the network.Instead of being a homogeneous network where usersinteract safely and in an honest way, the Internet ismore like a social network of heterogeneous, selfishusers who try to maximize their personal desires(Floyd & Fall, 1999). This is where game theory andsocial network theory intersect. Game theory is a naturalmodeling framework for understanding how nodes inthe network make decisions independently and howthey seek to optimize their desires by using strategies.Computer security agents are the standard defendersof the network (Floyd & Fall, 1999). They have tointermingle with cyberterrorists and use different strate-gies to reach their desired outcomes (for the benefit ofthe network, of course). The scenario in Figure 2 repre-sents our game model during the interaction between acyberterrorist and a computer security agent.

The public Web server, the private file server, andthe private workstation are very important nodes.Since these three nodes are highly connected to thou-sands of computers, they are actually hubs. The cyber-terrorist represents a small external node, workingfrom a single computer. The cyberterrorist is not ahub; however, his or her actions could be damaging.The links that we see are direct communication paths.The computer security agent can work, for instance,from a private workstation and can have direct accessto all the features of the public Web server. From agame theory perspective, all kinds of strategies areavailable to each player. For example, “a common targetfor use as a launching base in an attack is the publicWeb server” (Lye & Wing, 2005, p. 4). By using thishub as a springboard from which serious damagecould be inflicted, the cyberterrorist could try to floodprivate-home computers with viruses. Until the cyber-terrorist takes action, the computer security agent doesnot know whether there is an attacker or not. He orshe does not even know about the existence of thenode. It is important to note that not all actions taken

by the cyberterrorist can be observed. Once the gamehas started, each player has several choices at anygiven time during the game. An action pair, composedof the cyberterrorist and the computer security agent,can cause the local network to move from one state toanother (Lye & Wing, 2005).

There are highly expected payoffs based on theactions taken by each player. The cyberterrorist’srewards might be in terms of the amount of damagedone to the network. For instance, a “defaced corpo-rate website may cause the company to lose its reputa-tion and its customer to lose confidence” (Lye &Wing, 2005, p. 3). This is a reward for the cyberattacker. By the same token, disrupting a hub (publicWeb server) can be the desired outcome of the cyber-terrorist, even if it just takes 15 minutes for the publicWeb server administrator to determine the strategyused and restart the service. On the other hand, thereward of the computer security agent would see thestrategies taken by the cyberterrorist fail, whichhappens in most cases (Mitnick & Simon, 2002). Thegame can be a “cooperative” type of game if acyberterrorist uses inducements to get a public Webserver administrator to take actions that will reach apositive outcome. The choices and actions made bythe cyberterrorist can be influenced by the adminis-trator (and vice versa). For example, the cyberterroristcan urge the administrator to install two levels ofpassword protection to make the effort required towreaking havoc more challenging to the attacker. Itmight be the case that the cyberterrorist wants thenetwork to be in a good state in order to create thebiggest damage. After all, it takes a big target to createa big damage.

Based on the motives of the attacker, the adminis-trator might, in turn, increase security to prevent himor her from carrying out an evil plan. The cyberterroristmight perceive this next move as a tradeoff. Con-versely, computer security agents might be able tocontemplate the idea that, while unknown cyberterroristactions may occur at any time, some of their movesare more likely to occur than others.

DISCUSSION AND FUTURE DIRECTIONS

What this article has demonstrated is that gametheory is well suited to studying cyberterrorism. In theface of cyber attackers, who wage attacks in a post-

FIGURE 2 Example of a local network attacked by acyberterrorist.

privatefileserverpublic

WebserverCyberterrorist

privateworkstation


J. Matusitz 280

modern fashion, conventional strategies lead to noavail. The cyberterrorist and the computer securityagent not only engage in real-time game play but alsouse tactics that would not be utilizable in conven-tional conflict. Given this, the theory can greatly con-tribute to a better understanding of cyber strategy andits implications. Not only can a player make multiple,simultaneous moves at the same time (as if he or shewere composed of multiple selves), but both playersalso can make multiple, simultaneous moves coinci-dentally. As we have seen, cyberterrorists and theiropponents are free from time control constraints(Carmel & Markovtich, 1996) because time is notfixed; it is not even defined. While in physical spacetime is perspectival (Gebser, 1985), in cyberspace it is“aperspectival.” Time, then, becomes a fluxing inten-sity, not a fixed extensity. There are no identical,divided, and fragmented units of measurement suchas past, present, or future (Kramer, 1997). “Space,” aswe know it in actual space, is deconstructed; thecenter in cyberspace is everywhere and the circumfer-ence nowhere. This is where the value of postmod-ernism comes into play: fluidity, fragmentation, anddecentralization.

One conclusion that can be drawn from this theo-retical analysis is that cyberterrorists are postmodernInternet-based terror reapers; they constantly seek toturn the technological superiority and complexity oftheir targets into liabilities rather than assets. Justlook at how immeasurably vulnerable our postmodernsociety is in the face of malicious software programs,destruction, or any disconnection of our informationsystems or power supplies. Despite the fact thatabundant technical safeguards may be created by thefinest experts worldwide, the dangerous game wehave to face against cyberterrorists will be a strategies-versus-counterstrategies game in which the playerswho will prevail will be those who possess thestructural advantage. After all, to disrupt is structurallyless difficult than to protect. The modern protectorsmay be playing a losing game against the postmoderndisruptors.

What this article has also shown is that game theoryand social network theory can be effectively inter-sected to explore the complicated and enigmatic phe-nomenon of cyberterrorism. Game theory is aninherent modeling framework for comprehendinghow nodes in the network make independent moves

and how they seek to optimize their desires by usingvarious tactics. Since computer security agents act asthe standard defenders of the network (Floyd & Fall,1999), they put themselves in situations where theyintermingle with cyberterrorists and use strategies inorder to reach their desired outcomes (for the benefitof the network, of course). The main advantage ofintersecting social network theory and game theory isthat it allows for a more complete analysis and bet-ter understanding of confrontations taking place incyberspace.

For future research, scholars should continue to putgame theory into practice and investigate how thecyberterrorist and his or her opponent eventuallyreach their outcomes. It might prove useful to deter-mine not only how the two opponents in the game(i.e., computer security experts and law enforcementofficials vs. cyberterrorists) are creating a dichotomousdivide between the attacker and the defender but alsothe extent to which the two are intertwined. As such,it might be interesting to see whether or not thosewho defend systems and those who attack them fallinto the gray areas in between. Or, think of the follow-ing question: Do “good” and “evil” blur into gray? Nomatter what the answer to this question may be, gametheory remains a promising theory for exploring thecomplex phenomenon of cyberspace. The informa-tion age has just begun and will pave the way for manymore marvels, events, and mysteries. Understandingthe tactics and strategies used by both cyberterroristsand their opponents is only a beginning step for gametheory scholars.

REFERENCESArquilla, J., Ronfeldt, D., and Zanini, M. (1999). Networks, netwar and

information-age terrorism. In I. O. Lesser, B. Hoffman, J. Arquilla, D.F. Ronfeldt, M. Zanini, & B. M. Jenkins (Eds.), Countering the newterrorism, pp. 39–88, Santa Monica, CA: RAND.

Aumann, R. and Hart, S. (Eds.). (1992). Handbook of game theorywith economic applications. Amsterdam: Elsevier SciencePublishers.

Bellomo, N. (2007). Modeling complex living systems: A kinetic theoryand stochastic game approach. Boston: Birkhäuser.

Bilbao, J., Fernandez, J., Jimenez, N., and Lopez, J. (2002). Voting powerin the European Union enlargement. European Journal of Opera-tional Research, 143, 181–196.

Bubitt, S. (2002). Digital filming and special effects. In D. Harries (Ed.),The new media book, pp. 17–29, London: BFI Publishing.

Carmel, D. and Markovitch, S. (1996). Learning and using opponentmodels in adversary search, Technical Report, CIS9606.

Clem, A., Galwankar, S., and Buck, G. (2003). Health Implicationsof cyber-terrorism. Prehospital and Disaster Medicine, 18(3), 272–275.



Collin, B. (1996). The future of cyberterrorism. Proceedings of the Elev-enth Annual International Symposium on Criminal Justice Issues, TheUniversity of Illinois at Chicago.

Conway, M. (2002). What is cyberterrorism? Current History, 2,436–440.

Derrida, J. (1967). Writing and difference. Chicago: University of ChicagoPress.

Derrida, J. (1973). Speech and phenomena. Evanston, IL: NorthwesternUniversity Press.

Docherty, T. (1993). Postmodernism: A reader. London:HarvesterWheatsheaf.

Dunnigan, J. F. (2003). The next war zone: Confronting the global threatof cyberterrorism. New York: Citadel Press.

Fent, T., Feichtinger, G., and Tragler, G. (2002). A dynamic game ofoffending and law enforcement. International Game Theory Review,4(1), 71–89.

Floyd, S. and Fall, K. (1999). Promoting the use of end-to-endcongestion control. IEEE/ACM Transactions on Networking, 7(4),458–472.

Fudenberg, D. and Tirole, J. (1991). Game theory. Cambridge, MA: MITPress.

Gebser, J. (1985). The ever-present origin. Athens: Ohio University Press.Homans, G. C. (1958). Social behavior as exchange. American Journal of

Sociology, 63(6), 597–606.Hsu, F., Anantharaman, S., Campbell, M. S., and Nowatzyk, A. (1990).

Deep thought. In T.A. Marsland and J. Schaeffer (Eds.), Computer,chess, and cognition, pp. 55–78, New York: Springer Verlag.

Jameson, F. (1991). Postmodernism, or the cultural logic of late capitalism.Durham, NC: Duke University Press.

Jehle, G. A. and Reny, P. J. (2001). Advanced microeconomic theory,third edition. Boston: Addison-Wesley Longman.

Kramer, E. M. (1997). Modern/postmodern: Off the beaten path of anti-modernism. Westport, CT: Praeger.

Lister, M., Dovey, J., Giddings, S., Grant, I., and Kelly, K. (2003).Newmedia: A critical introduction. New York: Routledge.

Littman, M. L. (1994). Markov games as a framework for multi-agentreinforcement learning. Proceedings of the Eleventh InternationalConference on Machine Learning, pp. 157–163.

Lye, K. W. and Wing, J. M. (2005). Game strategies in network security.International Journal of Information Security, 5(1), 1–10.

Markov, A. A. (1971). Extension of the limit theorems of probability theoryto a sum of variables connected in a chain. In R. Howard (Ed.), Dynamicprobabilistic systems, pp. 552–577, New York: John Wiley and Sons.

McDermott, C. (1992). Essential design. London: Bloomsbury.

McQuail, D. (2000). McQuail’s mass communication theory. ThousandOaks, CA: Sage.

Mehlmann, A. (2000). The game’s afoot! Game theory in myth and par-adox. Providence, RI: American Mathematical Society.

Mitnick, K. D., and Simon, W. L. (2002). The art of deception: Controllingthe human element of security. Indianapolis, IN: Wiley Publishing, Inc.

Nash, J. (1950). Equilibrium points in n-person games. Proceedings ofthe National Academy of the USA, 36(1), 48–49.

Neel, J. J. (2005). Gametheory can be used to analyze cognitive radio.Electronic Engineering Times, 1386, 69–72.

Neumann, J. von and Morgenstern, O. (1944). Theory of games andeconomic behavior. Princeton, NJ: Princeton University Press.

Pike, K. L. (1967). Language in relation to a unified theory of structure ofhuman behavior. The Hague: Mouton.

Rapoport, A. (Ed.). (1974). Game theory as a theory of conflict resolu-tion. Boston: D. Reidel Publishing Company.

Sallhammar, K., Helvik, B. E., and Knapskog, S. J. (2005). Incorporatingattacker behavior in stochastic models of security. In Proceedings ofthe 2005 International Conference on Security and Management,Las Vegas, NV.

Sallhammar, K., Helvik, B. E., and Knapskog, S. J. (2006). A game-theoretic approach to stochastic security and dependabilityevaluation. In Proceedings of the Second IEEE International Sym-posium on Dependable, Autonomic and Secure Computing, India-napolis, IN.

Tesauro, G. (1994). TD-Gammon, a self-teaching backgammon programachieves master-level play. Neural Computation, 6, 215–219.

Thibaut, J. W. and Kelley, H. H. (1959). The social psychology of groups.New York: Wiley.

Turkle, S. (1992). Psychoanalytic politics: Freud’s French revolution. London:Free Association Books.

Turner, P. E. (2005). Cheating viruses and game theory. American Sci-entist, 93(5), 428–435.

Workman, M. (2004). When all you have are nails, nothing looks like ahammer: Advancements in technologies and the ontological toepistemic transformation. Reston, VA: Conference on Counter-Intel-ligence and Cyber Counter-Terrorism.

Workman, M. (2005). Nomothetic and ideographic predictions: A gener-alized application of Churchman heuristics in modeling attack epi-sodes. Tampa, FL: A presentation to the Department of DefenseNorthern Command and the National Security Agency, Project GreenDragon.

Workman, M. (2008). Technology: The double-edged sword in terrorand interdiction. Melbourne, FL: The second annual conference ofthe Global Center for Preparedness, pp. 2–11.


Documents

Cyber Terrorism as Game Theory