TU Berlin

Internet Network ArchitecturesAll Publications

Page Content

to Navigation

All publications

Modelling Internet Security Investments: Tackling Topological Information Uncertainty
Citation key PH-MISIDWTIU-11
Author Pal, Ranjan and Hui, Pan
Title of Book 2nd International Conference on Decision and Game Theory for Security (GameSec '11)
Pages 239–257
Year 2011
ISBN 978-3-642-25279-2
ISSN 0302-9743
Online ISSN 1611-3349
DOI http://dx.doi.org/10.1007/978-3-642-25280-8_18
Location College Park, MD, USA
Address Berlin / Heidelberg, Germany
Volume 7037
Month November
Publisher Springer
Series Lecture Notes on Computer Science (LNCS)
Organization ACM / IEEE
Abstract Modern distributed communication networks like the Internet are characterized by nodes (Internet users) interconnected with one another via communication links. In this regard, the security of individual nodes depend not only on their own efforts, but also on the efforts and underlying connectivity structure of neighboring network nodes. By the term "effort", we imply the amount of investments made by a user in security mechanisms like antivirus softwares, firewalls, etc., to improve his security. However, often due to the large magnitude of such networks, it is not always possible for nodes to have complete effort and connectivity structure information about all their neighbor nodes. Added to this is the fact that in many applications, the Internet users are selfish and are not willing to co-operate with other users on sharing effort information. In this paper, we adopt a non-cooperative game-theoretic approach to analyze individual user security in a communication network by accounting for both, the partial information that a network node possess about its underlying neighborhood connectivity structure and security investment of its neighbors, as well as the presence of positive externalities arising from efforts exerted by neighboring nodes. We analyze the strategic interactions between Internet users on their security investments in order to investigate the equilibrium behavior of nodes and show (i) the existence of monotonic symmetric Bayesian Nash equilibria of efforts and (ii) better connected Internet users choose lower efforts to exert but earn higher utilities than less connected peers with respect to security improvement when user utility functions exhibit strategic substitutes, i.e, are submodular. Our results extend previous work with respect to tackling topological information uncertainty, and provide useful insights to Internet users on appropriately (from improving payoffs perspective) investing in security mechanisms under realistic environments of effort and topological information uncertainty, in order to improve system security and welfare. We also discuss the implications of our results on the parameters of risk management techniques like cyber-insurance, and compare the user investment behavior in the incomplete information case with the case when users have increased topological information of their network.
Link to publication Download Bibtex entry


Quick Access

Schnellnavigation zur Seite über Nummerneingabe