Wei Sun,Xiangwei Kong,Dequan He,Xingang You

DOI: https://doi.org/10.1109/ICICIC.2008.319

2008-01-01

Abstract:The purpose of this paper is to analyze the strategy to promote the information security investment based on game theory. We use game theory to make the analysis and put forward the fruitful strategy suggestions for the defender organization to invest in information security. We set up the information security game model, and make the Nash Equilibrium analysis. The Nash Equilibrium analysis results of pure strategy and mixed strategy are consistent. By Nash Equilibrium analysis, we get the cost demand for information security investment. If this demand condition is not satisfied, we introduce the penalty parameter to the investment game. By regulating the value of the penalty parameter, we solve the hard problem of information security investment when it is difficult to reduce the investment cost. It is the first time to analyze information security investment by game theory. Our results provide fruitful strategy suggestions to promote information security investment.

Wei Sun,Xiangwei Kong,Dequan He,Xingang You

DOI: https://doi.org/10.1109/ISECS.2008.147

2008-01-01

Abstract:The purpose of this paper is to resolve information security problem in the mobile electronic commerce industry chain. We analyze information security based on evolutionary game theory. In this paper, we set up the information security game model with penalty parameter, calculate replicator dynamics, and analyze the evolutionary stable strategy of the game model. The result reveals that reducing the investment cost is the key factor to promote information security investment. If this condition can not be satisfied, the regulation of penalty parameter will help to promote the investment. The research method in this paper provides a new thought for the solution of information security in the mobile electronic commerce chain.

孙薇,孔祥维,何德全,尤新刚

DOI: https://doi.org/10.3969/j.issn.1007-3221.2008.05.015

2008-01-01

Abstract:Based on Game theory,this paper analyzes the equilibrium of information security investment,and provides a new method to solve the investment quantity of information security.It sets up the information security investment game model of the organizations according to the strategy interdependence,and the relation parameter in the model reflects the game relationship of two organizations,so the equilibrium analysis is made based on reaction function method according to the deferent value of relation parameter.In particular,for the attacker-defender game relationship,it brings forward a proposition of information security investment and makes simulation analysis.The research result not only explains the information security investment in the world,but also provides a good direction of the information security investment quantity for organizations.

Suyuan Luo,Tsan‐Ming Choi

DOI: https://doi.org/10.1111/poms.13666

IF: 4.638

2022-02-21

Production and Operations Management

Abstract:E‐commerce supply chains and their members face risks from cyber‐attacks. Consumers who purchase goods online also risk having their private information stolen. Thus, businesses are investing to improve cyber‐security at a nontrivial cost. In this paper, we conduct a Stackelberg game‐theoretical analysis. In the basic model, we first derive the equilibrium pricing and cyber‐security level decisions in the e‐commerce supply chain. Based on real‐world practices, we then explore whether governments should impose cyber‐security penalty schemes. Our findings show that when the government is characterized by having sufficiently high emphasis on consumer surplus, implementing the penalty scheme is beneficial to social welfare. Then, we extend the analysis to examine how adopting systems security enhancing technologies (such as blockchain) will affect the government's choice of imposing penalty. We uncover that when it is beneficial to have government's penalty scheme, the technology benefit‐to‐cost ratio is a critical factor that governs whether the optimal penalty will be lower or higher with the adoption of systems security enhancing technologies. To generate more insights, we conduct further analyses for various extended modeling cases (e.g., with alliance, competition, and the defense‐level dependent penalty scheme) and find that our main results remain robust. One important insight we have uncovered in this study is that imposing government penalty schemes on cyber‐security issues may do more harm than good; while once it is beneficial to implement, the government should charge the heaviest possible fine. This finding may explain why in the real world, governments basically always adopt a polarized strategy, that is, either do not impose penalty or impose a super heavy penalty, on cyber‐security issues.

operations research & management science,engineering, manufacturing

Hengwei Zhang,Jihong Han,Jian Zhang,Jindong Wang

DOI: https://doi.org/10.1109/ihmsc.2013.18

2013-01-01

Abstract:To ensure the security of information systems, security risk have to be accurately evaluate first. Because security risk is influenced by attackers and defenders, it is necessary to consider the costs and benefits of both sides. However, the current evaluation methods mostly focus on one side. To solve the problem, in this paper we propose a security risk evaluation model Based on complete information static game (SRE-CSG). The SRE-CSG model represents the interaction and mutual influence of both sides' strategies in the confrontation. On the basis of the SRE-CSG model, we present an improved payoff calculation method. The method takes into account the cost parameters and benefit parameters, and therefore be able to more accurately calculate the payoff. By analyzing Nash equilibrium strategy of information security game, an algorithm is designed to evaluate security risk value. The risk value derived from the algorithm is Based on equilibrium strategy of attackers and defenders, so it is more comprehensive and accurate. The SRE-CSG model and the algorithm can provide theoretical support for the efficient information systems security protection. The example analysis proves the effectiveness of the model and algorithm.

Xing Gao,Manting Qiu,Ying Wang,Xifan Wang

DOI: https://doi.org/10.1080/01605682.2022.2096506

IF: 3.6

2022-08-04

Journal of the Operational Research Society

Abstract:Nowadays, business connection between firms becomes rather common so that one firm stores not only its information asset but also some of other firms' information asset. The management of information security is vital for these resource-sharing firms. This paper constructs a game-theoretic model between two resource-sharing firms and one hacker to examine their strategic interaction when the firms face budget constraint on security investment. We consider security information sharing between the firms, which can improve their overall security effort but meantime facilitate the hacker's learning to reduce attack costs. We find that although a tight budget constraint can help save investment cost, the firms always suffer from a poorly secure environment. It shows that although security information sharing is usually encouraged, the firms may be hurt when security information sharing is excessive so that fierce cyber-attacks are induced. We finally design an optimal compensation mechanism, in which the compensation fund is shown to increase with the degree of resource sharing.

management,operations research & management science

Yuanzhuo Wang,Chuang Lin,Kun Meng,Junjie Lv

DOI: https://doi.org/10.4304/jcp.4.6.461-468

2009-01-01

Journal of Computers

Abstract:In this paper, we propose a novel modeling method, Stochastic Game Nets (SGN) and use it to model and analyze the attack actions in electronic commerce (e-commerce). Firstly, the definition and modeling algorithm of Stochastic Game Nets are given. And then we apply the Stochastic Game Nets method to describe the attack and defense course in e-commerce. Finally we analyze the attack time and attack probability in the e-commerce quantificationally based on the model successfully. The method can also be applied to other areas with respect to a game.

Guang Zhu,Hu Liu,Mining Feng

DOI: https://doi.org/10.3390/math6100177

IF: 2.4

2018-01-01

Mathematics

Abstract:With the rapid development of information technologies, security violations in online social networks (OSN) have emerged as a critical issue. Traditional technical and organizational approaches do not consider economic factors, which are increasingly important to sustain information security investment. In this paper, we develop an evolutionary game model to study the sustainability of information security investment in OSN, and propose a quantitative approach to analyze and optimize security investment. Additionally, we examine a contract with an incentive mechanism to eliminate free riding, which helps sustain the security investment. Numerical examples are provided for illustration and simulation purposes, leading to several countermeasures and suggestions. Our analytical results show that the optimal strategy of information security investment not only is correlated with profit growth coefficients and investment costs, but is also influenced significantly by the profits from free riding. If the profit growth coefficients are prohibitively small, both OSN service providers and online platforms will not choose to sustain investment based on small profits. As profit growth coefficients increase, there is a higher probability that game players will invest. Another major finding is that the (Invest, Invest) profile is much less sensitive to the change of profit growth coefficients and the convergent speed of this scenario is faster than the other profiles. The government agency can use the proposed model to determine a proper incentive or penalty to help both parties reach the optimal strategies and thus improve OSN security.

Guang ZHU,Xue-lian CAO,Dan YU,Yue SUN

DOI: https://doi.org/10.13833/j.issn.1007-7634.2018.06.008

2018-01-01

Abstract:[Purpose/significance]To define the game agents composed of users, libraries and hackers in library context service, and to develop a game model of privacy protection from the perspective of privacy profit, cost and loss, have become a important task in library service.[Method/process]This paper designs the game agents consisted of users, libraries and hackers, and investigates the strategic behavior of privacy protection for them. According to the payoff matrices of different agents, several equilibrium strategies can be found.[Result/conclusion]The analysis results show that the privacy strategies of game agents are related with privacy cost, detect probability of hacker attack and privacy loss. There are two kinds of Nash equilibrium and one kind of Bayesian mixed strategy equilibrium. At last, a numerical verification for the mathematical model is given and several countermeasures and suggestions are proposed for the development of privacy protection and library context service.

Haifeng Xu,Albert X. Jiang,Arunesh Sinha,Zinovi Rabinovich,Shaddin Dughmi,Milind Tambe

DOI: https://doi.org/10.48550/arXiv.1504.06058

2015-05-04

Abstract:Most models of Stackelberg security games assume that the attacker only knows the defender's mixed strategy, but is not able to observe (even partially) the instantiated pure strategy. Such partial observation of the deployed pure strategy -- an issue we refer to as information leakage -- is a significant concern in practical applications. While previous research on patrolling games has considered the attacker's real-time surveillance, our settings, therefore models and techniques, are fundamentally different. More specifically, after describing the information leakage model, we start with an LP formulation to compute the defender's optimal strategy in the presence of leakage. Perhaps surprisingly, we show that a key subproblem to solve this LP (more precisely, the defender oracle) is NP-hard even for the simplest of security game models. We then approach the problem from three possible directions: efficient algorithms for restricted cases, approximation algorithms, and heuristic algorithms for sampling that improves upon the status quo. Our experiments confirm the necessity of handling information leakage and the advantage of our algorithms.

Computer Science and Game Theory,Artificial Intelligence

Tridib Bandyopadhyay,Dengpan Liu,Vijay S. Mookerjee,Allen W. Wilhite

DOI: https://doi.org/10.1007/s10796-012-9373-x

2012-01-01

Information Systems Frontiers

Abstract:Hackers evaluate potential targets to identify poorly defended firms to attack, creating competition in IT security between firms that possess similar information assets. We utilize a differential game framework to analyze the continuous time IT security investment decisions of firms in such a target group. We derive the steady state equilibrium of the duopolistic differential game, show how implicit competition induces overspending in IT defense, and then demonstrate how such overinvestment can be combated by innovatively managing the otherwise misaligned incentives for coordination. We show that in order to achieve cooperation, the firm with the higher asset value must take the lead and provide appropriate incentives to elicit participation of the other firm. Our analysis indicates that IT security planning should not remain an internal, firm-level decision, but also incorporate the actions of those firms that hackers consider as alternative targets.

Binbin Liu

DOI: https://doi.org/10.1088/1742-6596/2037/1/012126

2021-09-01

Journal of Physics: Conference Series

Abstract:At present, network security is a problem that needs to be solved urgently in the current network era. In order to reduce the loss caused by network security threats, and also use limited computer resources to select the best defense strategy, a set of network attack and defense game models are designed to identify the situation of network security threats. Aiming at the unstable problem of the security quantification process of traditional network node information, a network security threat situation identification based on the offensive and defensive game model is proposed. First, build an offensive and defensive game model, design the corresponding situation identification strategy, and calculate the overall utility and expected output of both offensive and defensive parties while clarifying the changes in the authority of both sides during the offensive and defensive process. This paper takes the offensive and defensive game model as the theoretical basis of the research, uses the algorithm as the auxiliary research, and integrates its important content to analyze and research the optimization of the algorithm to improve the network security threat situation identification. This paper uses the classic offensive and defensive game model as the research object to identify the threat situation of network security. In the process of selecting the offensive and defensive game model, it is necessary to have a better grasp of the relevant algorithms. This article introduces the offensive and defensive game model into the network security threat situation identification, and on this basis, it deeply discusses the applicability and effectiveness of the offensive and defensive game model in the complex network security threat situation identification, and provides better for the establishment of future network security systems. Reference. The experimental results show that this study is effective and feasible in the offensive and defensive game model in the network security threat situation identification. It should be noted that in the defense process, the probability of success and the degree of damage of the attack path must be grasped to ensure that the optimal offensive and defensive decision-making meets the actual needs of network security.

Junjie Lv,Chen Zhao,Min Yu,Shuangshuang Sun,Mingke He

DOI: https://doi.org/10.3233/978-1-61499-440-4-880

2014-01-01

Abstract:Nowadays, digital product online logistics has become an essential part of people's daily life. While online logistics proves to be a convenience and efficient service, it poses potential risk to information security. In this paper, we focus on improving information security of digital products online logistics. The stochastic game nets is employed to simulate online logistics and the behavior of attackers and defenders in order to discover and solve potential safety risks. The authors have conceived a novel scheme for digital products transportation over the internet which has higher level of security.

Jiaqi Ren,Jin Liu,Yibo Dong,Zhe Li,Weili Li

DOI: https://doi.org/10.3390/e26080624

IF: 2.738

2024-07-25

Entropy

Abstract:Recently, research interest in the field of infrastructure attack and defense scenarios has increased. Numerous methods have been proposed for studying strategy interactions that combine complex network theory and game theory. However, the unavoidable effect of constrained strategies in complex situations has not been considered in previous studies. This study introduces a novel approach to analyzing these interactions by including the effects of constrained strategies, a factor often neglected in traditional analyses. First, we introduce the rule of constraints on strategies, which depends on the average distance between selected nodes. As the average distance increases, the probability of choosing the corresponding strategy decreases. Second, we establish an attacker–defender game model with constrained strategies based on the above rule and using information theory to evaluate the uncertainty of these strategies. Finally, we present a method for solving this problem and conduct experiments based on a target network. The results highlight the unique characteristics of the Nash equilibrium when setting constraints, as these constraints influence decision makers' Nash equilibria. When considering the constrained strategies, both the attacker and the defender tend to select strategies with lower average distances. The effect of the constraints on their strategies becomes less apparent as the number of attackable or defendable nodes increases. This research advances the field by introducing a novel framework for examining strategic interactions in infrastructure defense and attack scenarios. By incorporating strategy constraints, our work offers a new perspective on the critical area of infrastructure security.

physics, multidisciplinary

Yuedong Xu,John C.S. Lui

DOI: https://doi.org/10.48550/arXiv.2202.09755

2022-02-20

Abstract:In this paper, we consider a new network security game wherein an attacker and a defender are battling over "multiple" targets. This type of game is appropriate to model many current network security conflicts such as Internet phishing, mobile malware or network intrusions. In such attacks, the attacker and the defender need to decide how to allocate resources on each target so as to maximize his utility within his resource limit. We model such a multi-dimensional network security game as a constrained non-zero sum game. Two security breaching models, the product-form and the proportion-form, are considered. For each breaching model, we prove the existence of a unique Nash equilibrium (NE) based on Rosen's theorem and propose efficient algorithms to find the NE when the games are strictly concave. Furthermore, we show the existence of multiple NEs in the product-form breaching model when the strict concavity does not hold. Our study sheds light on the strategic behaviors of the attacker and the defender, in particular, on how they allocate resources to the targets which have different weights, and how their utilities as well as strategies are influenced by the resource constraints.

Computer Science and Game Theory

Xiaotong Li

DOI: https://doi.org/10.1080/09537325.2020.1841158

2020-11-18

Technology Analysis and Strategic Management

Abstract:<span>With the development of information technology and the deepening of enterprise informatization, there are new challenges of enterprise information security investment decisions because of cooperative relationships among multi-enterprises. In this paper, the Gordon-Loeb model is extended to the multi-enterprise game environment, and combined with the probability of hacker invasion, which can stimulate enterprises to increase investment in information security and reduce costs, the game model of information security investment among complementary enterprises is constructed. Through this model, the impact of factors on optimal investment can be analyzed. It is found that the information security level of enterprises in cooperation situation is higher than that in the non-cooperation situation. Our research shows that the optimal investment will increase with the increase of the probability of one spread in cooperative situations, which is contrary to the changing trend of enterprises in non-cooperation situations, and there is a minimum expected cost threshold. According to the results, enterprise compensation mechanism and information sharing mechanism are designed to ensure the optimal level of social information security, it provides a new solution to deal with the information security investment decision of complementary enterprises under the characteristics of multi-enterprise and non-cooperative.</span>

management

Lv Junjie,Wang Yuanzhuo,Li Jingyuan,Meng Kun,Lin Chuang

DOI: https://doi.org/10.1049/cje.2015.07.002

IF: 1.019

2015-01-01

Chinese Journal of Electronics

Abstract:Model-based quantitative techniques are not commonly used for web service behaviors security evaluation, which have typically been applied to analyze small parts of an overall design. Aiming at the traits of attack behaviors for web services, this paper proposes the hierarchical Stochastic game nets (SGN) model and analysis methods. We give the definitions and important theorems of stochastic game nets, study the modeling algorithm of hierarchical SGN model. A series of simulation results are presented to show that, by applying hierarchical SGN model to describe the attack and defense behaviors in web services, quantifiable results can be successfully obtained for the evaluation of important attributes.

Erick Galinkin

DOI: https://doi.org/10.48550/arXiv.2103.12520

2021-03-03

Cryptography and Security

Abstract:We introduce some preliminaries about game theory and information security. Then surveying a subset of the literature, we identify opportunities for future research.

Yuanzhuo Wang,Jingyuan Li,Kun Meng,Chuang Lin,Xueqi Cheng

DOI: https://doi.org/10.1002/sec.535

IF: 1.968

2012-04-17

Security and Communication Networks

Abstract:In this paper, we propose a novel modeling method attack–defense stochastic game Petri nets (or ADSGN) to model and analyze the security issues in enterprise network. We firstly give the definition and modeling method algorithm of ADSGN and then propose the algorithm of the strategy. The proposed ADSGN method is successfully applied to describe the attack and defense courses in the enterprise network. Finally, we analyze the mean time to first security breach and the mean time to security breach in the enterprise network quantifiably, and proved that our method can also be applied to other areas with respect to game issues. Copyright © 2012 John Wiley &amp; Sons, Ltd. According to the characteristics of the network attack and defense actions, we extend the previous work by proposing attack‐defense stochastic game Petri nets (or ADSGNs), which can be used to model and analyze the competitive game issues by using classical methods from stochastic Petri nets. ADSGN are suitable to investigate the complex and dynamic game‐related issues in network attack. In this paper, we use ADSGN to model and analyze the enterprise network attacks, compute the Nash equilibrium to deduce the best‐response strategies to defend the attacks. We believe that ADSGN can open a new avenue to handle the game‐related issues in network security.

computer science, information systems,telecommunications

Erick Galinkin,John Carter,Spiros Mancoridis

DOI: https://doi.org/10.48550/arXiv.2109.11592

2021-09-23

Cryptography and Security

Abstract:In cybersecurity, attackers range from brash, unsophisticated script kiddies and cybercriminals to stealthy, patient advanced persistent threats. When modeling these attackers, we can observe that they demonstrate different risk-seeking and risk-averse behaviors. This work explores how an attacker's risk seeking or risk averse behavior affects their operations against detection-optimizing defenders in an Internet of Things ecosystem. Using an evaluation framework which uses real, parametrizable malware, we develop a game that is played by a defender against attackers with a suite of malware that is parameterized to be more aggressive and more stealthy. These results are evaluated under a framework of exponential utility according to their willingness to accept risk. We find that against a defender who must choose a single strategy up front, risk-seeking attackers gain more actual utility than risk-averse attackers, particularly in cases where the defender is better equipped than the two attackers anticipate. Additionally, we empirically confirm that high-risk, high-reward scenarios are more beneficial to risk-seeking attackers like cybercriminals, while low-risk, low-reward scenarios are more beneficial to risk-averse attackers like advanced persistent threats.