Game theory meets information security management

Andrew Fielder, Emmanouil Panaousis, Pasquale Malacaria, Chris Hankin, Fabrizio Smeraldi

Research output: Chapter in Book/Conference proceeding with ISSN or ISBNConference contribution with ISSN or ISBN

Abstract

This work addresses the challenge “how do we make better security decisions?” and it develops techniques to support human decision making and algorithms which enable well-founded cyber security decisions to be made. In this paper we propose a game theoretic model which optimally allocates cyber security resources such as administrators’ time across different tasks. We first model the interactions between an omnipresentattackerand a team of system administrators seen as thedefender, and we have derived themixed Nash Equilibria (NE) in such games. We have formulated general-sum games that represent our cyber security environment, and we have proven that the defender’sNash strategyis alsominimax. This result guarantees that independently from the attacker’s strategy the defender’s solution is optimal. We also proposeSingular Value Decomposition(SVD) as an efficient technique to compute approximate equilibria in our games. By implementing and evaluating aminimax solver with SVD, we have thoroughly investigated the improvement that Nash defense introduces compared to other strategies chosen by common sense decision algorithms. Our key finding is that a particular NE, which we callweighted NE, provides the most effective defense strategy. In order to validate this model we have used real-life statistics from Hackmageddon, the Verizon 2013 Data Breach Investigation report, and the Ponemon report of 2011. We finally compare the game theoretic defense method with a method which implements astochastic optimization algorithm.
Original languageEnglish
Title of host publication29th IFIP International Information Security and Privacy Conference
Place of PublicationBerlin Heidelberg
PublisherSpringer
Pages15-29
Number of pages15
Volume428
ISBN (Electronic)9783642554155
ISBN (Print)9783642554148
DOIs
Publication statusPublished - 2 Jun 2014
Event29th IFIP International Information Security and Privacy Conference - Morocco, 2-4 June 2014
Duration: 2 Jun 2014 → …

Publication series

NameIFIP Advances in Information and Communication Technology

Conference

Conference29th IFIP International Information Security and Privacy Conference
Period2/06/14 → …

Fingerprint

Game theory
Security of data
Singular value decomposition
Decision making
Statistics
Decomposition

Bibliographical note

The original publication is available at www.link.springer.com.

Keywords

  • Information security management
  • game theory
  • cyber security

Cite this

Fielder, A., Panaousis, E., Malacaria, P., Hankin, C., & Smeraldi, F. (2014). Game theory meets information security management. In 29th IFIP International Information Security and Privacy Conference (Vol. 428, pp. 15-29). (IFIP Advances in Information and Communication Technology). Berlin Heidelberg: Springer. https://doi.org/10.1007/978-3-642-55415-5_2
Fielder, Andrew ; Panaousis, Emmanouil ; Malacaria, Pasquale ; Hankin, Chris ; Smeraldi, Fabrizio. / Game theory meets information security management. 29th IFIP International Information Security and Privacy Conference. Vol. 428 Berlin Heidelberg : Springer, 2014. pp. 15-29 (IFIP Advances in Information and Communication Technology).
@inproceedings{ffd7811c5f93456d8490f5fa60b73739,
title = "Game theory meets information security management",
abstract = "This work addresses the challenge “how do we make better security decisions?” and it develops techniques to support human decision making and algorithms which enable well-founded cyber security decisions to be made. In this paper we propose a game theoretic model which optimally allocates cyber security resources such as administrators’ time across different tasks. We first model the interactions between an omnipresentattackerand a team of system administrators seen as thedefender, and we have derived themixed Nash Equilibria (NE) in such games. We have formulated general-sum games that represent our cyber security environment, and we have proven that the defender’sNash strategyis alsominimax. This result guarantees that independently from the attacker’s strategy the defender’s solution is optimal. We also proposeSingular Value Decomposition(SVD) as an efficient technique to compute approximate equilibria in our games. By implementing and evaluating aminimax solver with SVD, we have thoroughly investigated the improvement that Nash defense introduces compared to other strategies chosen by common sense decision algorithms. Our key finding is that a particular NE, which we callweighted NE, provides the most effective defense strategy. In order to validate this model we have used real-life statistics from Hackmageddon, the Verizon 2013 Data Breach Investigation report, and the Ponemon report of 2011. We finally compare the game theoretic defense method with a method which implements astochastic optimization algorithm.",
keywords = "Information security management, game theory, cyber security",
author = "Andrew Fielder and Emmanouil Panaousis and Pasquale Malacaria and Chris Hankin and Fabrizio Smeraldi",
note = "The original publication is available at www.link.springer.com.",
year = "2014",
month = "6",
day = "2",
doi = "10.1007/978-3-642-55415-5_2",
language = "English",
isbn = "9783642554148",
volume = "428",
series = "IFIP Advances in Information and Communication Technology",
publisher = "Springer",
pages = "15--29",
booktitle = "29th IFIP International Information Security and Privacy Conference",

}

Fielder, A, Panaousis, E, Malacaria, P, Hankin, C & Smeraldi, F 2014, Game theory meets information security management. in 29th IFIP International Information Security and Privacy Conference. vol. 428, IFIP Advances in Information and Communication Technology, Springer, Berlin Heidelberg, pp. 15-29, 29th IFIP International Information Security and Privacy Conference, 2/06/14. https://doi.org/10.1007/978-3-642-55415-5_2

Game theory meets information security management. / Fielder, Andrew; Panaousis, Emmanouil; Malacaria, Pasquale; Hankin, Chris; Smeraldi, Fabrizio.

29th IFIP International Information Security and Privacy Conference. Vol. 428 Berlin Heidelberg : Springer, 2014. p. 15-29 (IFIP Advances in Information and Communication Technology).

Research output: Chapter in Book/Conference proceeding with ISSN or ISBNConference contribution with ISSN or ISBN

TY - GEN

T1 - Game theory meets information security management

AU - Fielder, Andrew

AU - Panaousis, Emmanouil

AU - Malacaria, Pasquale

AU - Hankin, Chris

AU - Smeraldi, Fabrizio

N1 - The original publication is available at www.link.springer.com.

PY - 2014/6/2

Y1 - 2014/6/2

N2 - This work addresses the challenge “how do we make better security decisions?” and it develops techniques to support human decision making and algorithms which enable well-founded cyber security decisions to be made. In this paper we propose a game theoretic model which optimally allocates cyber security resources such as administrators’ time across different tasks. We first model the interactions between an omnipresentattackerand a team of system administrators seen as thedefender, and we have derived themixed Nash Equilibria (NE) in such games. We have formulated general-sum games that represent our cyber security environment, and we have proven that the defender’sNash strategyis alsominimax. This result guarantees that independently from the attacker’s strategy the defender’s solution is optimal. We also proposeSingular Value Decomposition(SVD) as an efficient technique to compute approximate equilibria in our games. By implementing and evaluating aminimax solver with SVD, we have thoroughly investigated the improvement that Nash defense introduces compared to other strategies chosen by common sense decision algorithms. Our key finding is that a particular NE, which we callweighted NE, provides the most effective defense strategy. In order to validate this model we have used real-life statistics from Hackmageddon, the Verizon 2013 Data Breach Investigation report, and the Ponemon report of 2011. We finally compare the game theoretic defense method with a method which implements astochastic optimization algorithm.

AB - This work addresses the challenge “how do we make better security decisions?” and it develops techniques to support human decision making and algorithms which enable well-founded cyber security decisions to be made. In this paper we propose a game theoretic model which optimally allocates cyber security resources such as administrators’ time across different tasks. We first model the interactions between an omnipresentattackerand a team of system administrators seen as thedefender, and we have derived themixed Nash Equilibria (NE) in such games. We have formulated general-sum games that represent our cyber security environment, and we have proven that the defender’sNash strategyis alsominimax. This result guarantees that independently from the attacker’s strategy the defender’s solution is optimal. We also proposeSingular Value Decomposition(SVD) as an efficient technique to compute approximate equilibria in our games. By implementing and evaluating aminimax solver with SVD, we have thoroughly investigated the improvement that Nash defense introduces compared to other strategies chosen by common sense decision algorithms. Our key finding is that a particular NE, which we callweighted NE, provides the most effective defense strategy. In order to validate this model we have used real-life statistics from Hackmageddon, the Verizon 2013 Data Breach Investigation report, and the Ponemon report of 2011. We finally compare the game theoretic defense method with a method which implements astochastic optimization algorithm.

KW - Information security management

KW - game theory

KW - cyber security

U2 - 10.1007/978-3-642-55415-5_2

DO - 10.1007/978-3-642-55415-5_2

M3 - Conference contribution with ISSN or ISBN

SN - 9783642554148

VL - 428

T3 - IFIP Advances in Information and Communication Technology

SP - 15

EP - 29

BT - 29th IFIP International Information Security and Privacy Conference

PB - Springer

CY - Berlin Heidelberg

ER -

Fielder A, Panaousis E, Malacaria P, Hankin C, Smeraldi F. Game theory meets information security management. In 29th IFIP International Information Security and Privacy Conference. Vol. 428. Berlin Heidelberg: Springer. 2014. p. 15-29. (IFIP Advances in Information and Communication Technology). https://doi.org/10.1007/978-3-642-55415-5_2