Table 2 - uploaded by Nicolas Christin
Weakest Link Security Game. Bayesian Nash Symmetric Protection Equilibrium with N Players

Source publication
Conference Paper
A common assumption in security research is that more individual expertise unambiguously leads to a more secure overall network. We present a game-theoretic model in which this common assumption does not hold. Our findings indicate that expert users can be not only invaluable contributors, but also free-riders, defectors, and narcissistic opportuni...

Context in source publication

Context 1
... protection results for the weakest link game are shown in Table 2. As was the case in the shot game, the limited information scenario has the property that increasing the number of experts in the game decreases the protection level of the network. ...

Similar publications

Conference Paper
When novice students encounter difficulty when learning to program, some can seek help from instructors or teaching assistants. This one-on-one tutoring is highly effective at fostering learning, but busy instructors and large class sizes can make expert help a scarce resource. Increasingly, programming environments attempt to imitate this human suppo...

Citations

... This can happen even with the simple addition of a new tool to an existing system. For example, in [17] scenarios are identified where increasing the number of (selfish) security experts of an information network may lead to reduced overall security of the network; the Braess paradox [4] shows how adding an extra route to a traffic network may lead to worse conditions for selfish drivers. ...
Article
Spam over Internet Telephony (SPIT) is a potential source of disruption in Voice over IP (VoIP) systems. The use of anti-SPIT mechanisms, such as filters and audio CAPTCHA (Completely Automated Public Turing Test to Tell Computers and Humans Apart), can prevent unsolicited calls and lead to less unwanted traffic. In this paper, we present a game-theoretic model, in which the game is played between SPIT senders and internet telephony users. The game includes call filters and audio CAPTCHA, so as to classify incoming calls as legitimate or malicious. We show how the resulting model can be used to decide upon the trade-offs present in this problem and help us predict the SPIT sender's behavior. We also highlight the advantages in terms of SPIT call reduction of merely introducing CAPTCHA, and provide experimental verification of our results.
... Research studies on the economics of security decision-making primarily investigate the optimal or bounded rational choice between different canonical options to secure a resource (i.e., protection, mitigation, risk-transfer), or the determination of the optimal level of investment in one of these security dimensions. In our own work, we have frequently contributed to the exploration of these research objectives (see, for example, [6,9,8]). Further, these studies have been thoroughly summarized in a recent review effort [11]. ...
Conference Paper
Attackers of computing resources increasingly aim to keep security compromises hidden from defenders in order to extract more value over a longer period of time. These covert attacks come in multiple varieties, which can be categorized into two main types: targeted and non-targeted attacks. Targeted attacks include, for example, cyberespionage, while non-targeted attacks include botnet recruitment. We are concerned with the subclass of these attacks for which detection is too costly or technically infeasible given the capabilities of a typical organization. As a result, defenders have to mitigate potential damages under a regime of incomplete information. A primary mitigation strategy is to reset potentially compromised resources to a known safe state, for example, by reinstalling computer systems, and changing passwords or cryptographic private keys. In a game-theoretic framework, we study the economically optimal mitigation strategies in the presence of targeted and non-targeted covert attacks. Our work has practical implications for the definition of security policies, in particular, for password and key renewal schedules.
... The mechanisms supporting the decision making about whether one can trust an opponent in network transactions have been considered in various studies over a long period of time. Reputation mechanisms have become a fairly common framework since several pioneering studies [10] [11] and subsequent studies [12]. ...
Article
Online network-based transactions are widespread forms of transactions in e-commerce markets such as peer-to-peer markets or smart media markets. In these markets, the participants need criteria to search, select and manage their partners. One of the most important criteria is the trustworthiness of the partner. The participants aim to enhance the probability of being selected by their opponents through signaling their trustworthiness levels to their opponents. Simultaneously, the opponents adjust their beliefs on the trustworthiness of other participants based on observation of signals. This paper describes this situation using a signaling game in which the seller sends a signal of his/her trust level and the buyer decides his/her payment schedule for the presented signal. The results of the equilibrium analyses suggest criteria for the signaling of the cost structures of participants and the market environment. Additionally, the results of the simulations validate the results of the equilibrium analyses.
Article
Supply chains form a complicated interlinked system where any disruption, at any possible level, can affect not only the network itself but also its surroundings, including society. This feature is confirmed by a well-known and often repeated statement that the chain is only as strong as its weakest link. This manuscript provides a comprehensive research-based rationale for this statement to shed new light on how the phenomenon could be identified and what the theoretical grounds for its management are. The scoping review allowed for exploring the existing literature on the weakest links in supply chains to clarify this complex concept and explain its heterogeneous nature. To structure our research, we have adopted two theoretical perspectives present in existing studies, that is, network interdependency and the weakest-link public good. The study contributes to the existing body of knowledge by summarising literature in the field, identifying gaps, and setting the agenda for future research. It concentrates on two areas derived from the literature, that is, the ways of identifying weakest links and the determination and provision of the optimal level of security. The analysis reveals that there is no consensus even regarding the weakest link definition. The majority of studies are theoretical and general, with little research devoted to the practical implications. While equilibria for optimal resource allocation are well recognised, specific measures oriented at the elimination of the weakest link are lacking. As a result, we identify gaps in the existing body of knowledge regarding threat and weakest-link occurrence, countermeasures, and policy options offered.
Article
With the development of information technology, the infrastructure between enterprises and the connections between businesses show complex network characteristics. The security investment made by an enterprise in a network has an impact on its neighbors, but also bears the impact of its neighbors’ security investments. Such individual interaction problems are often modeled as interdependent security games (IDS). In this paper, we study IDS models under three different attack scenarios: the total effort, the weakest link and the best shot. We use evolutionary game theory to explore the dynamics of social payoffs and the average social investments of these three models under different network topologies. The results show that under the total effort model, individuals are more inclined to increase their investments, while under the weakest link and best shot models, individuals choose to minimize their investments due to selfishness. Finally, we study the cluster effect under different network structures and find the threshold at which it exists.
Preprint
Accurately modeling human decision-making in security is critical to thinking about when, why, and how to recommend that users adopt certain secure behaviors. In this work, we conduct behavioral economics experiments to model the rationality of end-user security decision-making in a realistic online experimental system simulating a bank account. We ask participants to make a financially impactful security choice, in the face of transparent risks of account compromise and benefits offered by an optional security behavior (two-factor authentication). We measure the cost and utility of adopting the security behavior via measurements of time spent executing the behavior and estimates of the participant's wage. We find that more than 50% of our participants made rational (e.g., utility optimal) decisions, and we find that participants are more likely to behave rationally in the face of higher risk. Additionally, we find that users' decisions can be modeled well as a function of past behavior (anchoring effects), knowledge of costs, and to a lesser extent, users' awareness of risks and context (R^2 = 0.61). We also find evidence of endowment effects, as seen in other areas of economic and psychological decision-science literature, in our digital-security setting. Finally, using our data, we show theoretically that a "one-size-fits-all" emphasis on security can lead to market losses, but that adoption by a subset of users with higher risks or lower costs can lead to market gains.
Conference Paper
Cyber insurance is a method for risk transfer but may or may not improve the state of network security. In this work, we consider a profit-maximizing insurer with voluntarily participating insureds. We are particularly interested in two features of cybersecurity and their impact on the contract design problem. The first is the interdependent nature of cybersecurity, whereby one entity's state of security depends on its own effort and others' effort. The second is our ability to perform accurate quantitative assessment of security posture at a firm level by combining recent advances in Internet measurement and machine learning techniques. We observe that security interdependency leads to a "profit opportunity" for the insurer, created by the inefficient effort levels exerted by agents who do not account for risk externalities when insurance is not available; this is in addition to the risk transfer that an insurer profits from. Security pre-screening allows the insurer to take advantage of this opportunity by designing appropriate contracts which incentivize agents to increase their effort levels, allowing the insurer to effectively "sell commitment" to interdependent agents, in addition to risk transfer. We identify conditions under which this type of contract leads to an improved state of network security.
Article
We consider a class of interdependent security games on networks where each node chooses a personal level of security investment. The attack probability experienced by a node is a function of her own investment and the investment by her neighbors in the network. Most of the existing work in these settings considers players who are risk-neutral. In contrast, studies in behavioral decision theory have shown that individuals often deviate from risk-neutral behavior while making decisions under uncertainty. In particular, the true probabilities associated with uncertain outcomes are often transformed into perceived probabilities in a highly nonlinear fashion by the users, which then influence their decisions. In this paper, we investigate the effects of such behavioral probability weightings by the nodes on their optimal investment strategies and the resulting security risk profiles that arise at the Nash equilibria of interdependent network security games. We characterize graph topologies that achieve the largest and smallest worst case average attack probabilities at Nash equilibria in Total Effort games, and equilibrium investments in Weakest Link and Best Shot games.