We specialize in developing Moving Target Defense (MTD) solutions that are driven by decision and game theoretic techniques, coupled with artificial intelligence and reinforcement learning ones, to harden systems against cyber attacks. We utilize our research methodologies and expertise to engage with businesses, local and federal organizations in modeling, designing, developing and deploying state-of-the-art defense strategies.

Why Game Theory?

In a nutshell, game theory enables us to model the interaction between the defender and the attacker (which we refer to as players) over a one-shot game or a series of games. In a given game, actions available to the players are associated with certain rewards and each player seeks to maximize their own rewards while reasoning about the actions available to their opponent. Solving these games yields rational defense (and attack) strategies.

Consider the simple game of “rock, paper, scissors” between 2 players. The optimal strategy for any player is to play each action with probability 1/3. This is referred to as a mixed strategy which is a probability distribution over the available actions. Playing any other probability distribution would allow the opponent to capitalize on that. For example, if a player plays “rock” with probability 1/2, their opponent can respond with “paper” with probability 1/2. Mixed strategies are very critical since they entail that despite the knowledge of the mixed strategies, each player is not aware of what exact action will be played next.

The relation between Game Theory and Moving Target Defense strategies

The defender’s mixed strategy obtained from solving the games becomes the Moving Target Defense mechanism. In other words, the randomization inherent in the MTD strategy is dictated by the mixed strategy which captures critical parameters such as the value of resources protected, the risk the attacker is willing to take, the attacker available resources, etc.

How are the MTD strategies developed by Blocmount are different from traditional MTD strategies?

Traditional MTD strategies incorporates randomization to make the system look less predictable. This is typically done using different probability distribution functions that are largely independent from the current state and the value of the protected assets nor do they capture the rational strategies available to the attacker. Through careful modelling of the game (e.g., actions, rewards, state), our MTD strategies capture the relative priorities of the assets, in conjunction with the actions (and resources) available to the attacker.

Our MTD strategies are custom developed for the client, rather than a general product that does not capture the critical assets present at the client nor the interest of the attacker in attacking/hacking those assets.

Artificial Intelligence (AI) is in the picture

Solving small games – as the “rock, paper, scissors” – can be easily done with a simple linear program. As the size of the games becomes larger, finding the mixed strategies becomes a challenging problem. We use artificial intelligence and machine learning techniques to obtain the mixed strategies.