Optimal and Game-Theoretic Deployment of Security Investments in Interdependent Assets

  title={Optimal and Game-Theoretic Deployment of Security Investments in Interdependent Assets},
  author={Ashish Ranjan Hota and Abraham A. Clements and Shreyas Sundaram and Saurabh Bagchi},
We introduce a game-theoretic framework to compute optimal and strategic security investments by multiple defenders. Each defender is responsible for the security of multiple assets, with the interdependencies between the assets captured by an interdependency graph. We formulate the problem of computing the optimal defense allocation by a single defender as a convex optimization problem, and establish the existence of a pure Nash equilibrium of the game between multiple defenders. We apply our… 
A Game-Theoretic Framework for Securing Interdependent Assets in Networks
A general game-theoretic framework to model the security investments of resource-constrained stakeholders against targeted attacks and how this framework can be applied to determine deployment of moving target defense (MTD) in networks is developed.
A Network Monitoring Game with Heterogeneous Component Criticality Levels
This work considers an attacker-operator game for monitoring a large–scale network that is comprised of components that differ in their criticality levels and uses a previously developed approach to obtain an approximate Nash equilibrium in the general case.
A Cyber-Security Investment Game for Networked Control Systems
A general-sum, two-player, mixed strategy (MS) game, where the attacker attempts to destroy communication equipment of some nodes, and thereby render the LQR feedback gain matrix to be sparse, leading to degradation of closed-loop performance.
Network Inspection Using Heterogeneous Sensors for Detecting Strategic Attacks
This work analytically characterize Nash equilibria of this large-scale zero-sum game when every vulnerable network component can be monitored from a unique sensor location and designs a heuristic solution approach based on minimum set covers for computing inspection strategies in general.
A game theoretic model of computer network exploitation campaigns
  • Robert Mitchell, B. Healy
  • Computer Science
    2018 IEEE 8th Annual Computing and Communication Workshop and Conference (CCWC)
  • 2018
A dynamic, asymmetric, complete-information, general-sum game to model CNE campaigns and techniques to estimate this game's parameters are proposed.
BASCPS: How does behavioral decision making impact the security of cyber-physical systems?
It is shown that behavioral decision making leads to a suboptimal pattern of resource allocation compared to non-behavioral decision making, and that selfish defense decisions together with behavioral decisions significantly increase security risk.
Combining Hybrid Input-Output Automaton and Game Theory for Security Modeling of Cyber-Physical Systems
This work considers a security setting in which the CyberPhysical System (CPS) is composed of subnetworks where each subnetwork is under ownership of one defender and model such CPS using Hybrid Input-Output Automaton (HIOA) where eachSubnetwork is represented by a HIOA module.
Morshed: Guiding Behavioral Decision-Makers towards Better Security Investment in Interdependent Systems
We model the behavioral biases of human decision-making in securing interdependent systems and show that such behavioral decision-making leads to a suboptimal pattern of resource allocation compared
On a Generic Security Game Model
A game model which is generic enough to capture various modes of engagement/interactions between users and network administrators as games and the conditions for formulating the strategies when dealing with more than one attacker and making collaborations are presented.
A Hybrid Attack Model for Cyber-Physical Security Assessment in Electricity Grid
A novel Hybrid Attack Model (HAM) that combines Probabilistic Learning Attacker, Dynamic Defender, PLADD model and a Markov Chain model to simulate the planning and execution stages of a bad data injection attack in power grid is introduced.


Game Theory Meets Information Security Management
A game theoretic model which optimally allocates cyber security resources such as administrators’ time across different tasks is proposed and it is proven that the defender’s Nash strategy is also minimax, and Singular Value Decomposition (SVD) is proposed as an efficient technique to compute approximate equilibria in games.
Multidefender Security Games
Considering interdependencies among targets, the authors develop a novel mixed-integer linear programming formulation to compute a defender's best response, and approximate Nash equilibria of the game using this formulation.
Approximate Solutions for Attack Graph Games with Imperfect Information
This work model the problem of network security hardening as a general-sum extensive-form game with imperfect information and seeks a solution in the form of Stackelberg Equilibrium, and proposes a set of approximate solution methods.
A Survey of Interdependent Information Security Games
This survey summarizes game-theoretic interdependence models, characterize the emerging security inefficiencies, and present mechanisms to improve the security decisions of the participants.
Optimal interdiction of attack plans
We present a Stackelberg game model of security in which the defender chooses a mitigation strategy that interdicts potential attack actions, and the attacker responds by computing an optimal attack
Computing Randomized Security Strategies in Networked Domains
A novel framework for computing optimal randomized security policies in networked domains is introduced which extends previous linear programming techniques for Stackelberg security games to incorporate benefits and costs of arbitrary security configurations on individual assets and offers a principled model of failure cascades.
Multi-Agent Decentralized Network Interdiction Games
This work establishes theoretical bounds on the worst-case efficiency loss of equilibria in DSPI games, with such loss caused by the lack of coordination among noncooperative interdictors, and uses the decentralized algorithms to empirically study the average- case efficiency loss.
Security scheduling for real-world networks
Snares is presented, a novel algorithm that computes optimal solutions for both the defender and the attacker in such network security problems, based on a double-oracle framework and makes novel use of warm starts and greedy responses.
Moving Target Defense II: Application of Game Theory and Adversarial Modeling
This book is designed as a professional book for practitioners and researchers working in the cyber security field, advanced -level students and researchers focused on computer science will also find this book valuable as a secondary text book or reference.
Security And Game Theory Algorithms Deployed Systems Lessons Learned
Thank you very much for reading security and game theory algorithms deployed systems lessons learned, they will help people to enjoy a good book with a cup of tea in the afternoon instead of facing with some infectious virus inside their desktop computer.