Predicting your adversary's behaviour is the holy grail of threat modeling. This talk will explore the problem of adversarial reasoning under uncertainty through the lens of game theory, the study of strategic decision-making among cooperating or conflicting agents. Starting with a thorough grounding in classical two-player games such as the Prisoner's Dilemma and the Stag Hunt, we will also consider the curious patterns that emerge in iterated, round-robin, and societal iterated games.
But as a tool for the real world, game theory seems to put the cart before the horse: how can you choose the proper strategy if you don't necessarily even know what game you're playing? For this, we turn to the relatively young field of probabilistic programming, which enables us to make powerful predictions about adversaries' strategies and behaviour based on observed data.
This talk is intended for a general audience; if you can compare two numbers and know which one is bigger than the other, you have all the mathematical foundations you need.
By day a mild-mannered build engineer, by night the leader of the Langsec Conspiracy (http://www.langsec.org), Meredith L. Patterson lives in Brussels, Belgium. She wrote and maintains the Hammer parser generator library (https://github.com/UpstandingHackers/hammer), and is currently working on Tongs, a "standard library" of reference implementations of protocol, file format, and message format parsers. When not traveling to far too many infosec conferences, she enjoys bicycling, cooking, and target shooting.