A Survey of Interdependent Information Security Games
- 29 August 2014
- journal article
- research article
- Published by Association for Computing Machinery (ACM) in ACM Computing Surveys
- Vol. 47 (2), 1-38
- https://doi.org/10.1145/2635673
Abstract
Risks faced by information system operators and users are not only determined by their own security posture, but are also heavily affected by the security-related decisions of others. This interdependence between information system operators and users is a fundamental property that shapes the efficiency of security defense solutions. Game theory is the most appropriate method to model the strategic interactions between these participants. In this survey, we summarize game-theoretic interdependence models, characterize the emerging security inefficiencies, and present mechanisms to improve the security decisions of the participants. We focus our attention on games with interdependent defenders and do not discuss two-player attacker-defender games. Our goal is to distill the main insights from the state of the art and to identify the areas that need more attention from the research community.Keywords
Funding Information
- Bolyai Janos Research Fellowship Nr: BO/00273/12
This publication has 37 references indexed in Scilit:
- The Price of Uncertainty in Security GamesPublished by Springer Science and Business Media LLC ,2010
- Learning More about the Underground Economy: A Case-Study of Keyloggers and DropzonesLecture Notes in Computer Science, 2009
- Learning correlated equilibria in games with compact sets of strategiesGames and Economic Behavior, 2007
- Income, interdependence, and substitution effects affecting incentives for security investmentJournal of Accounting and Public Policy, 2006
- The Economics of Information SecurityScience, 2006
- Inoculation strategies for victims of viruses and the sum-of-squares partition problemJournal of Computer and System Sciences, 2006
- IDS Models of Airline SecurityJournal of Conflict Resolution, 2005
- Sharing information on computer systems security: An economic analysisJournal of Accounting and Public Policy, 2003
- The economics of information security investmentACM Transactions on Information and System Security, 2002
- The Market for "Lemons": Quality Uncertainty and the Market MechanismThe Quarterly Journal of Economics, 1970