EconPapers    
Economics at your fingertips  

EconPapers Home
About EconPapers

Working Papers
Journal Articles
Books and Chapters
Software Components

Authors

JEL codes
New Economics Papers

Advanced Search


EconPapers FAQ
Archive maintainers FAQ
Cookies at EconPapers

Format for printing

The RePEc blog
The RePEc plagiarism page

 

Interdependency Analysis in Security Investment against Strategic Attacks

Mansooreh Ezhei and Behrouz Tork Ladani ()
Additional contact information
Mansooreh Ezhei: University of Isfahan
Behrouz Tork Ladani: University of Isfahan

Information Systems Frontiers, 2020, vol. 22, issue 1, No 15, 187-201

Abstract: Abstract Information security investment is of high importance in management of IT infrastructure. There are many researches focused on game theoretical modeling and analysis of security investment of interdependent firms against potential security attacks. However, these studies usually are not concerned with dynamic and strategic nature of attacks which are increasingly important features of today’s cyber systems. Strategic attackers are those who are able to substitute their investments among targets over time by shifting investments towards poorly protected targets in order to obtain more potential financial gains. In this paper we try to analyze the effects of interdependency in security investment of firms against strategic attackers. Note that although there are a limited number of works that consider the strategic nature of attack, they model the defenders as a set of isolated nodes. Hence the positive externality caused by interconnection of the firms is not considered in these models. We consider both the attackers’ actual strategic behaviors (that causes negative externality via the possibility of substituting the target) as well as structural effects of the networked firms (that leads to positive externality via attack propagation). We propose a differential game among the networked firms in which attackers act strategically. In the proposed game, by employing a linear substitution model for characterizing the process of target selection by the attacker, the open-loop Nash solutions are highlighted in an analytical form. The analytical results show how interconnectivity between firms and the strategic behavior of the attacker determines the firms’ incentives for security investment. It is shown that overinvestment or underinvestment could occur depending on the degree of interdependency among the given firms. Accordingly we designed mechanisms to encourage the firms to invest at a socially optimal level. The achieved results in this paper helps security designers to better formulate their policies in tackling strategic attackers.

Keywords: Security investment; Strategic attack; Interdependency; Differential game (search for similar items in EconPapers)
Date: 2020
References: View references in EconPapers View complete reference list from CitEc
Citations: View citations in EconPapers (4)

Downloads: (external link)
http://link.springer.com/10.1007/s10796-018-9845-8 Abstract (text/html)
Access to the full text of the articles in this series is restricted.

Related works:
This item may be available elsewhere in EconPapers: Search for items with the same title.

Export reference: BibTeX RIS (EndNote, ProCite, RefMan) HTML/Text

Persistent link: https://EconPapers.repec.org/RePEc:spr:infosf:v:22:y:2020:i:1:d:10.1007_s10796-018-9845-8

Ordering information: This journal article can be ordered from
http://www.springer.com/journal/10796

DOI: 10.1007/s10796-018-9845-8

Access Statistics for this article

Information Systems Frontiers is currently edited by Ram Ramesh and Raghav Rao

More articles in Information Systems Frontiers from Springer
Bibliographic data for series maintained by Sonal Shukla () and Springer Nature Abstracting and Indexing ().

 
Share

RePEc
This site is part of RePEc and all the data displayed here is part of the RePEc data set.

Is your work missing from RePEc? Here is how to contribute.

Questions or problems? Check the EconPapers FAQ or send mail to .

Örebro UniversityEconPapers is hosted by the School of Business at Örebro University.

Page updated 2025-03-20
Handle: RePEc:spr:infosf:v:22:y:2020:i:1:d:10.1007_s10796-018-9845-8