Co-evolutionary dynamics of attack and defence in cybersecurity

In the evolving digital landscape, it is crucial to study the dynamics of cyberattacks and defences. This study uses an Evolutionary Game Theory (EGT) framework to investigate the evolutionary dynamics of attacks and defences in cyberspace. We develop a two-population asymmetric game between attacker and defender to capture the essential factors of costs, potential benefits, and the probability of successful defences. Through mathematical analysis and numerical simulations, we find that systems with high defence intensities (at least 80%) show stability with minimal attack frequencies (at most 10%), whereas low-defence environments (lower than 50%) show instability and are vulnerable to attacks. We simulate 100,000 randomly sampled games and observe three key results: (i) the defend and attack equilibrium remains stable in 39.8% of configurations; (ii) increasing the defence success rate from 0.2 to 0.8 reduces the frequency of successful attacks by nearly 50%; and (iii) in over 80% of sampled games the system converges to a stable boundary equilibrium, indicating robust evolutionary dynamics. We validate these outcomes using a public dataset of real-world cyber incidents (2004–2020). Our theoretical findings align with this historical data, demonstrating the interdisciplinary impact, such as fraud detection, risk management and cybersecurity decision-making. Our EGT framework uniquely captures co-evolving attacker-defender populations, achieves stable equilibrium outcomes, and demonstrates robustness through large-scale random game analysis and social welfare evaluation. Overall, our analysis suggests that adaptive cybersecurity strategies based on EGT can improve resource allocation, enhance system resilience, and reduce the overall risk of cyberattacks. By incorporating real-world data, this study demonstrates the applicability of EGT in addressing the evolving nature of cyber threats and the need for secure digital ecosystems through strategic planning and proactive defence measures.