Protecting shared information in networks: a network security game with strategic attacks

by   Bram de Witte, et al.

A digital security breach, by which confidential information is leaked, does not only affect the agent whose system is infiltrated, but is also detrimental to other agents socially connected to the infiltrated system. Although it has been argued that these externalities create incentives to under-invest in security, this presumption is challenged by the possibility of strategic adversaries that attack the least protected agents. In this paper we study a new model of security games in which agents share tokens of sensitive information in a network of contacts. The agents have the opportunity to invest in security to protect against an attack that can be either strategically or randomly targeted. We show that, in the presence of random attack, under-investments always prevail at the Nash equilibrium in comparison with the social optimum. Instead, when the attack is strategic, either under-investments or over-investments are possible, depending on the network topology and on the characteristics of the process of the spreading of information. Actually, agents invest more in security than socially optimal when dependencies among agents are low (which can happen because the information network is sparsely connected or because the probability that information tokens are shared is small). These over-investments pass on to under-investments when information sharing is more likely (and therefore, when the risk brought by the attack is higher).


page 1

page 2

page 3

page 4


Diversity-seeking Jump Games in Networks

Recently, many researchers have studied strategic games inspired by Sche...

Quantization Games on Social Networks and Language Evolution

We consider a strategic network quantizer design setting where agents mu...

Dynamic Bayesian Games for Adversarial and Defensive Cyber Deception

Security challenges accompany the efficiency. The pervasive integration ...

Network Formation under Random Attack and Probabilistic Spread

We study a network formation game where agents receive benefits by formi...

Centralized vs Decentralized Targeted Brute-Force Attacks: Guessing with Side-Information

According to recent empirical studies, a majority of users have the same...

Minimal Schedule with Minimal Number of Agents in Attack-Defence Trees

Expressing attack-defence trees in a multi-agent setting allows for stud...

Revisiting Strategic Cyberwar Theory Reaching Decisive Strategic Outcome

Each strategy has a foundation, an overarching way of explaining why thi...

Please sign up or login with your details

Forgot password? Click here to reset