EconPapers    
Economics at your fingertips  

EconPapers Home
About EconPapers

Working Papers
Journal Articles
Books and Chapters
Software Components

Authors

JEL codes
New Economics Papers

Advanced Search


EconPapers FAQ
Archive maintainers FAQ
Cookies at EconPapers

Format for printing

The RePEc blog
The RePEc plagiarism page

 

Information Security Investment When Hackers Disseminate Knowledge

Xing Gao (), Weijun Zhong () and Shue Mei ()
Additional contact information
Xing Gao: School of Economics and Management, Southeast University, Nanjing 211189, Jiangsu, China
Weijun Zhong: School of Economics and Management, Southeast University, Nanjing 211189, Jiangsu, China
Shue Mei: School of Economics and Management, Southeast University, Nanjing 211189, Jiangsu, China

Decision Analysis, 2013, vol. 10, issue 4, 352-368

Abstract: As an emerging and thriving research branch, information security economics has recently drawn significant attention from practitioners and academics. Traditionally, both decision and static game theoretical techniques are employed to characterize the strategies of firms and hackers. However, these techniques fail to capture the dynamic attribute of the risk environment, which is an increasingly important element, especially in modern distributed and complex computer and communication networks. Utilizing a differential game framework in which hackers disseminate security knowledge within a hacker population over time, this paper analyzes dynamic interactions between a firm endeavoring to protect its information assets and a hacker seeking to misappropriate them. In particular, we investigate three differential games in which the firm and the hacker move simultaneously and sequentially, respectively. We find that (a) the hacker invests the most in the simultaneous differential game, whereas the firm, as the leader, invests the most in the sequential differential game, and (b) both the firm and the hacker enjoy their highest payoffs in the sequential differential game with the hacker as the leader. Furthermore, it is numerically shown that in equilibrium, knowledge dissemination may not necessarily benefit the hacker and harm the firm. Some of our results are consistent with the findings of previous work, although the earlier results were obtained from a static game framework. Our main findings contrast with those of several previous studies that showed mixed results for comparisons between simultaneous and sequential games.

Keywords: differential game; equilibrium solution; information security economics; knowledge dissemination (search for similar items in EconPapers)
Date: 2013
References: View references in EconPapers View complete reference list from CitEc
Citations: View citations in EconPapers (12)

Downloads: (external link)
http://dx.doi.org/10.1287/deca.2013.0278 (application/pdf)

Related works:
This item may be available elsewhere in EconPapers: Search for items with the same title.

Export reference: BibTeX RIS (EndNote, ProCite, RefMan) HTML/Text

Persistent link: https://EconPapers.repec.org/RePEc:inm:ordeca:v:10:y:2013:i:4:p:352-368

Access Statistics for this article

More articles in Decision Analysis from INFORMS Contact information at EDIRC.
Bibliographic data for series maintained by Chris Asher ().

 
Share

RePEc
This site is part of RePEc and all the data displayed here is part of the RePEc data set.

Is your work missing from RePEc? Here is how to contribute.

Questions or problems? Check the EconPapers FAQ or send mail to .

Örebro UniversityEconPapers is hosted by the School of Business at Örebro University.

Page updated 2025-03-19
Handle: RePEc:inm:ordeca:v:10:y:2013:i:4:p:352-368