A Survey of Interdependent Information Security Games

Aron Laszka, Mark Felegyhazi, Levente Buttyan
2014 ACM Computing Surveys  
Risks faced by information system operators and users are not only determined by their own security posture, but are also heavily affected by the security-related decisions of others. This interdependence between information system operators and users is a fundamental property that shapes the efficiency of security defense solutions. Game theory is the most appropriate method to model the strategic interactions between these participants. In this survey, we summarize game-theoretic
more » ... ce models, characterize the emerging security inefficiencies, and present mechanisms to improve the security decisions of the participants. We focus our attention on games with interdependent defenders and do not discuss two-player attackerdefender games. Our goal is to distill the main insights from the state-of-the-art and to identify the areas that need more attention from the research community.
doi:10.1145/2635673 fatcat:jrparifc4fb7vpctofga43ytau