Cyber security can be viewed as a non-zero sum game between an attacker and a defender. The attacker tries to find the most destructive adversarial strategies while the defender tries to find the most stable defence strategies.
Nisioti et al. (2021) conduct a research on game-theroretic decision support for optimising cyber forensic investigations. In the study, they provided two game models (Nash Cyber Investigation Game and Bayesian Cyber Investigation Game) and their strategy spaces, expected payoffs and solutions, respectively. Then they provided a case study of a Bayesian game comprising incomplete information model. This methodology enables a investigator to adopt an effective investigative policy that accounts for the case and effects of possible actions and address the uncertainties of attackers. The model the team proposed was validated through a real world example of report date from MITRE ATT&CK STIX database and Common Vulnerability Scoring System (CVSS).
Resource:
Game-Theoretic Decision Support for Cyber Forensic Investigations https://www.mdpi.com/1424-8220/21/16/5300/htm#sec3dot1-sensors-21-05300