Previous [ 1] [ 2] [ 3] [ 4] [ 5] [ 6] [ 7] [ 8] [ 9] [ 10] [ 11] [ 12] [ 13] [ 14] [ 15] [ 16] [ 17] [ 18] [ 19]

@

Journal of Information Science and Engineering, Vol. 30 No. 6, pp. 1695-1718 (November 2014)


Effect of Security Investment on Evolutionary Games


CHEN ZHANG1, RONG PAN2, ABHIJIT CHAUDHURY2 AND CHANGXIN XU3
1Department of Computer Information Systems
Bryant University
Smithfield, RI USA
E-mail: {czhang; achaudhu}@bryant.edu
2China Constructions Bank
Nanjing, Jiangsu, P.R. China
E-mail: panrong2.js@ccb.com
3School of Business Hohai University Nanjing, P.R. China E-mail: xuchxin@hhu.edu.cn

In this paper, we propose an evolutionary game model to analyze the investment decision making process in the cyber offender-defender interaction and provide a quantified approach for defender to calculate the safety threshold to avoid the occurrence of offender- leading game. Then we use simulation as a workbench to discuss the adjustment of each parameter to the security investment threshold. Our evolutionary game model shows that the cyber offender-defender game can possibly reach one realistic stable point after a long-term evolution, which implicates a tied offender-defender game. We found that an offender-leading game can be avoided by maintaining the security investment above a safety threshold level determined by the system vulnerability among other environmental parameters such as residual risk and potential loss. Hence with an optimal level of security investment, the defender can lead the game effectively to discourage attacking attempts. Both linear and nonlinear simulations share similar trends and our evolutionary game theoretic analysis remains valid in either case.

Keywords: management, network reliability, security

Full Text () Retrieve PDF document (201411_02.pdf)

Received November 20, 2013; revised February 4, 2014; accepted March 1, 2014.
Communicated by Hahn-Ming Lee.