TY - GEN
T1 - Game theory meets information security management
AU - Fielder, Andrew
AU - Panaousis, Emmanouil
AU - Malacaria, Pasquale
AU - Hankin, Chris
AU - Smeraldi, Fabrizio
N1 - The original publication is available at www.link.springer.com.
PY - 2014/6/2
Y1 - 2014/6/2
N2 - This work addresses the challenge “how do we make better security decisions?” and it develops techniques to support human decision making and algorithms which enable well-founded cyber security decisions to be made. In this paper we propose a game theoretic model which optimally allocates cyber security resources such as administrators’ time across different tasks. We first model the interactions between an omnipresentattackerand a team of system administrators seen as thedefender, and we have derived themixed Nash Equilibria (NE) in such games. We have formulated general-sum games that represent our cyber security environment, and we have proven that the defender’sNash strategyis alsominimax. This result guarantees that independently from the attacker’s strategy the defender’s solution is optimal. We also proposeSingular Value Decomposition(SVD) as an efficient technique to compute approximate equilibria in our games. By implementing and evaluating aminimax solver with SVD, we have thoroughly investigated the improvement that Nash defense introduces compared to other strategies chosen by common sense decision algorithms. Our key finding is that a particular NE, which we callweighted NE, provides the most effective defense strategy. In order to validate this model we have used real-life statistics from Hackmageddon, the Verizon 2013 Data Breach Investigation report, and the Ponemon report of 2011. We finally compare the game theoretic defense method with a method which implements astochastic optimization algorithm.
AB - This work addresses the challenge “how do we make better security decisions?” and it develops techniques to support human decision making and algorithms which enable well-founded cyber security decisions to be made. In this paper we propose a game theoretic model which optimally allocates cyber security resources such as administrators’ time across different tasks. We first model the interactions between an omnipresentattackerand a team of system administrators seen as thedefender, and we have derived themixed Nash Equilibria (NE) in such games. We have formulated general-sum games that represent our cyber security environment, and we have proven that the defender’sNash strategyis alsominimax. This result guarantees that independently from the attacker’s strategy the defender’s solution is optimal. We also proposeSingular Value Decomposition(SVD) as an efficient technique to compute approximate equilibria in our games. By implementing and evaluating aminimax solver with SVD, we have thoroughly investigated the improvement that Nash defense introduces compared to other strategies chosen by common sense decision algorithms. Our key finding is that a particular NE, which we callweighted NE, provides the most effective defense strategy. In order to validate this model we have used real-life statistics from Hackmageddon, the Verizon 2013 Data Breach Investigation report, and the Ponemon report of 2011. We finally compare the game theoretic defense method with a method which implements astochastic optimization algorithm.
KW - Information security management
KW - game theory
KW - cyber security
U2 - 10.1007/978-3-642-55415-5_2
DO - 10.1007/978-3-642-55415-5_2
M3 - Conference contribution with ISSN or ISBN
SN - 9783642554148
VL - 428
T3 - IFIP Advances in Information and Communication Technology
SP - 15
EP - 29
BT - 29th IFIP International Information Security and Privacy Conference
PB - Springer
CY - Berlin Heidelberg
T2 - 29th IFIP International Information Security and Privacy Conference
Y2 - 2 June 2014
ER -