Adaptive Model of Information Security Technique Investment

董红,邱菀华,吕俊杰,张雯
DOI: https://doi.org/10.3321/j.issn:1001-0920.2008.05.012
2008-01-01
Abstract:Focusing on the asymmetric information between attacker and defender,by applying the methodologies of game theory with incomplete information and network security,a game model of information security technique selections based on cost-benefit is constructed.The study shows the optimal strategies for the players in the deployment of two kinds of security techniques(only deploy firewall or both deploy firewall and intrusion detection systems(IDSs)).Then,by analyzing and comparing with hacking probability,investigation rate,the damage and response cost,the value of security techniques in an organization's IT security architecture is assessed,and thus an adaptive intrusion response strategy is made.Finally,the relative conclusion is illustrated further by an example.
What problem does this paper attempt to address?