According to the principle of deterrence in international relations, the credible threat of retaliation in response to an attack can create international peace and stability. However, one challenge of applying deterrence to cybersecurity at the international level is the attribution problem. The attribution problem occurs when it is difficult to determine who is responsible for a cyber attack, or even if an attack occurred at all. In this paper, researchers model the attribution problem to investigate the implications of imperfect attribution for cyber deterrence. After creating a model in which a defender probabilistically attributes an attack, the researchers identify an equilibrium between the defender and attacker to estimate the success of deterrence. The researchers find some improvements that can strengthen deterrence, including strengthening attack detection, reducing false alarms, and committing to a retaliatory strategy in advance. They also show that some changes can weaken deterrence, such as having too much certainty in attribution.
Author:
Sandeep Baliga, Ethan Bueno De Mesquita, and Alexander Wolitzky