Behavioral and Game-Theoretic Security Investments in Interdependent Systems Modeled by Attack Graphs

by   Mustafa Abdallah, et al.

We consider a system consisting of multiple interdependent assets, and a set of defenders, each responsible for securing a subset of the assets against an attacker. The interdependencies between the assets are captured by an attack graph, where an edge from one asset to another indicates that if the former asset is compromised, an attack can be launched on the latter asset. Each edge has an associated probability of successful attack, which can be reduced via security investments by the defenders. In such scenarios, we investigate the security investments that arise under certain features of human decision-making that have been identified in behavioral economics. In particular, humans have been shown to perceive probabilities in a nonlinear manner, typically overweighting low probabilities and underweighting high probabilities. We show that suboptimal investments can arise under such weighting in certain network topologies. We also show that pure strategy Nash equilibria exist in settings with multiple (behavioral) defenders, and study the inefficiency of the equilibrium investments by behavioral defenders compared to a centralized socially optimal solution.


page 1

page 2

page 3

page 4


The Effect of Behavioral Probability Weighting in a Simultaneous Multi-Target Attacker-Defender Game

We consider a security game in a setting consisting of two players (an a...

BASCPS: How does behavioral decision making impact the security of cyber-physical systems?

We study the security of large-scale cyber-physical systems (CPS) consis...

Game-Theoretic Choice of Curing Rates Against Networked SIS Epidemics by Human Decision-Makers

We study networks of human decision-makers who independently decide how ...

The Impact of Humanoid Affect Expression on Human Behavior in a Game-Theoretic Setting

With the rapid development of robot and other intelligent and autonomous...

M Equilibrium: A dual theory of beliefs and choices in games

We introduce a set-valued generalization of Nash equilibrium, called M e...

Wardrop Equilibrium Can Be Boundedly Rational: A New Behavioral Theory of Route Choice

As one of the most fundamental concepts in transportation science, Wardr...

Cyclic Bayesian Attack Graphs: A Systematic Computational Approach

Attack graphs are commonly used to analyse the security of medium-sized ...

Please sign up or login with your details

Forgot password? Click here to reset