Securityby The Ghost in The Prompt2026-03-117 min read

Game Theory and the k_atk of 2026

Security isn't a state of being. It's a rate of change. The attacker has a budget, the defender has a constraint set, and in 2026 both of them have AI. The math hasn't changed. The velocity has.

Every attacker has a budget.

The academic literature on darknet exploit markets has been mapping this since at least 2017 β€” Robertson et al. built the formal model, and it held up well for its era. You had k_atk: the attacker's total budget. You had c_ex: the cost of a specific exploit. You had the defender's constraint set C: the things that cannot be patched because the business needs them running. The math suggested that if the defender could keep the wall expensive enough, the rational attacker would move to softer targets.

The model was correct. The variables evolved into something else.

The Fixed Price Tag Is Gone

In the 2017 model, c_ex was a market price. You went to a darknet forum, you bought GovRAT or a Flash zero-day, you knew what you paid. The exploit had a cost, you compared it to the expected payoff, you made a decision. Rational actor behavior under budget constraint. Predictable.

c_ex in 2026 is an inference cost.

Attackers are not buying exploit kits and deploying them. They are renting GPU time and running autonomous agents that perform thousands of micro-probes per second β€” probing response patterns, timing variations, error message differences, behavioral fingerprints. The exploit is not purchased; it is generated, customized to the specific target, specific version, specific configuration, in real time.

The Exploit Function that used to map tool-to-vulnerability is now a generative process. The attacker does not need to know your exact vulnerability in advance. They need compute and time. Your constraint set C β€” the legacy dependency that cannot be patched, the unrotated credential, the internet-facing service that should not be internet-facing β€” is no longer hidden behind friction. It is visible to any automated scanner that runs long enough.

The math still works. The attacker is still comparing k_atk to expected payoff. The cost structure changed: reconnaissance got cheap, customization got cheap, patience is no longer required because the agent runs while the attacker sleeps.

The Slow Poison: Skewing the Baseline

The overlap payoff in the original model was binary: attacker's tool hits defender's unpatched hole, attacker wins a point. Clean, measurable, gameable by either side.

The asymmetric payoff in 2026 is not a point. It is a baseline.

An attacker who understands your detection strategy does not need to find a clean path through. They need to find the noise floor of your monitoring β€” the level at which your SIEM or your AI-based EDR considers traffic normal β€” and then operate just below it. Not crashing through the wall. Slowly teaching the system that what they are doing is unremarkable.

The technique is model poisoning through behavioral normalization. Send gray traffic β€” activity that is individually ambiguous, collectively meaningful β€” over weeks or months. Your detection model updates on what it sees. The baseline of "normal" drifts. Behavior that would have triggered an alert at the start of the campaign no longer triggers one because the model has been taught, gradually, that this pattern is Tuesday.

# What detecting baseline drift looks like β€” not catching the attack,
# catching the slow movement of "normal" that precedes the attack

import numpy as np
from collections import deque

class BaselineDriftDetector:
    def __init__(self, window_size=1000, drift_threshold=2.5):
        self.window = deque(maxlen=window_size)
        self.initial_mean = None
        self.initial_std = None
        self.drift_threshold = drift_threshold  # standard deviations

    def calibrate(self, initial_observations):
        """Establish baseline from clean historical data"""
        self.window.extend(initial_observations)
        self.initial_mean = np.mean(initial_observations)
        self.initial_std = np.std(initial_observations)

    def observe(self, value):
        self.window.append(value)
        current_mean = np.mean(self.window)

        # How far has the current mean drifted from the calibrated baseline?
        drift = abs(current_mean - self.initial_mean) / (self.initial_std + 1e-9)

        if drift > self.drift_threshold:
            return {
                "alert": True,
                "drift_score": drift,
                "baseline_mean": self.initial_mean,
                "current_mean": current_mean,
                "message": f"Baseline drift detected: {drift:.2f}Οƒ from initial"
            }
        return {"alert": False, "drift_score": drift}


# Use it: feed your detection model's feature distributions through this
# If the "normal" traffic profile is slowly moving, someone is teaching it to move
detector = BaselineDriftDetector(window_size=500, drift_threshold=2.0)

The critical insight: the attack is not in the payload. The attack is in the slow movement of what your system considers normal. By the time the actual intrusion happens, the detection model has been coached to interpret it as background noise. The alert does not fire. The attacker who took three months to shift the baseline spends three minutes on the objective.

HACK LOVE BETRAY
COMING SOON

HACK LOVE BETRAY

Mobile-first arcade trench run through leverage, trace burn, and betrayal. The City moves first. You keep up or you get swallowed.

VIEW GAME FILE β†’

Defending against this requires monitoring the monitor β€” watching not just what the detection system flags, but whether the distribution of what it considers normal is drifting over time. A detection model that is learning continuously from live traffic can be taught. The defender needs to know when the learning is being weaponized.

Moving Target Defense: Breaking the Attacker's Math

If the attacker is a rational actor with a budget k_atk and the cost of a successful attack is c_ex, the defender's lever is the denominator: make the reconnaissance cost exceed the expected payoff before the attack can be completed.

Moving Target Defense is the stochastic answer to static targeting. The attacker needs to know what they are hitting. If the target changes faster than reconnaissance can be completed, the intelligence the attacker gathered becomes stale before it can be used.

# MTD concept: rotate service ports on a schedule the attacker cannot predict
# Real implementations rotate container identities, IP addresses, instruction sets

import random
import time
import hashlib

class MovingTargetScheduler:
    def __init__(self, base_ports, rotation_interval=300, seed=None):
        self.base_ports = base_ports
        self.rotation_interval = rotation_interval  # seconds
        self.seed = seed or random.randint(0, 2**32)

    def current_ports(self):
        """Deterministic but unpredictable rotation β€” same result for all
           authorized clients who share the seed, unknown to observers"""
        time_slot = int(time.time() / self.rotation_interval)
        slot_hash = hashlib.sha256(
            f"{self.seed}:{time_slot}".encode()
        ).hexdigest()

        rng = random.Random(slot_hash)
        available = list(range(49152, 65535))  # ephemeral port range
        return rng.sample(available, len(self.base_ports))

    def time_until_rotation(self):
        elapsed = time.time() % self.rotation_interval
        return self.rotation_interval - elapsed


scheduler = MovingTargetScheduler(base_ports=[80, 443, 22])
print(f"Current ports: {scheduler.current_ports()}")
print(f"Rotates in: {scheduler.time_until_rotation():.0f}s")
# Authorized clients know the seed β€” they can calculate current_ports()
# An attacker who scanned 30 seconds ago has stale data

The attacker cannot calculate the Exploit Function against a target that changes before the packet arrives. They can still probe β€” but every probe is a cost against k_atk, and the information it produces has a short half-life. The attacker's math requires knowing the target long enough to exploit it. MTD shortens that window to a duration that makes the math not work.

Real MTD implementations rotate more than ports: container identities, internal IP assignments, instruction set variants, even the behavioral signatures that endpoint detection uses to identify processes. The goal is the same β€” maximize the attacker's reconnaissance cost per unit of time, minimize the window in which intelligence gathered yesterday is still valid today.

Keep the Math. Change the Velocity.

The game theory model from 2017 still describes the problem correctly. Attacker budget against expected payoff against defender constraint set. That math is not wrong. The parameters changed.

c_ex is no longer a market price β€” it is an inference cost, and inference is getting cheaper. The payoff is no longer a binary win β€” it is a slow baseline shift that the detection model learns to ignore. The defender's constraint set is no longer hidden by friction β€” it is visible to any automated process with enough runtime.

The counter is velocity. If the attacker's advantage is patience and automation, the defender's answer is to make patience expensive: rotate the surface faster than reconnaissance can be completed, monitor the monitor for drift, and treat the security posture as a rate of change rather than a configuration state.

The darknet is a decentralized compute farm for adversarial agents. The defense needs to be a moving target, not a wall.

Keep the math. Change the velocity.

GhostInThePrompt.com // Security isn't a state of being. It's a rate of change.

Reference: 'Using Game Theory for Threat Intelligence' β€” Robertson et al. (2017).

Continue Reading

security

The AI Training Pipeline: 2026's New Supply Chain Attack

The threat surface shifted while you were looking at the logs. Analyzing the structural blind spots in AI training pipelinesβ€”from the 0.1% poisoning threshold to the invisible suppression of triage models.

security

Malware Development for Ethical Hackers: To Catch a Wolf

Zhussupov's book makes an argument most security curricula avoid: you cannot defend against techniques you haven't written yourself. XOR obfuscation, dynamic API resolution, DLL hijacking β€” the red team toolkit, explained.