Skip to main content
SpringerLink
Log in
Book cover

International Conference on Decision and Game Theory for Security

GameSec 2015: Decision and Game Theory for Security pp 150–169Cite as

Interdependent Security Games Under Behavioral Probability Weighting

  • Conference paper
  • First Online:

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 9406))

Abstract

We consider a class of interdependent security games where the security risk experienced by a player depends on her own investment in security as well as the investments of other players. In contrast to much of the existing work that considers risk neutral players in such games, we investigate the impacts of behavioral probability weighting by players while making security investment decisions. This weighting captures the transformation of objective probabilities into perceived probabilities, which influence the decisions of individuals in uncertain environments. We show that the Nash equilibria that arise after incorporating probability weightings have much richer structural properties and equilibrium risk profiles than in risk neutral environments. We provide comprehensive discussions of these effects on the properties of equilibria and the social optimum when the players have homogeneous weighting parameters, including comparative statics results. We further characterize the existence and uniqueness of pure Nash equilibria in Total Effort games with heterogeneous players.

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Notes

  1. 1.

    In a related class of security games known as Stackelberg security games with two players, one attacker and one defender, there have been recent studies [4, 13, 17, 31, 32] that incorporate behavioral decision theoretic models, including prospect theory and quantal response equilibrium. However, this class of games is very different from interdependent security games [20], which is the focus of the current work.

  2. 2.

    Both positive and negative externalities have been studied in the literature. Negative externalities capture settings where more investment by others makes a player more vulnerable, and this is usually the case where the attack is targeted towards individuals who have invested less in security. Most of the literature in security games has focused on positive externalities [20].

  3. 3.

    There are also various behavioral characteristics that affect the perceived values of gains and losses [12, 16]. However, as the values of the gains and losses are not strategy-dependent in the games that we consider here, behavioral value functions would not affect the equilibria that arise.

  4. 4.

    While we focus on the Prelec weighting function here, many of our results will also hold under a broader class of weighting functions with similar qualitative properties as the Prelec weighting function.

References

  1. Baddeley, M.: Information security: lessons from behavioural economics. In: Security and Human Behavior (2011)

    Google Scholar 

  2. Barberis, N.C.: Thirty years of prospect theory in economics: a review and assessment. J. Econ. Perspect. 27(1), 173–196 (2013)

    Article  MathSciNet  Google Scholar 

  3. Böhme, R., Schwartz, G.: Modeling cyber-insurance: towards a unifying framework. In: Workshop on the Economics of Information Security (WEIS) (2010)

    Google Scholar 

  4. Brown, M., Haskell, W.B., Tambe, M.: Addressing scalability and robustness in security games with multiple boundedly rational adversaries. In: Saad, W., Poovendran, R. (eds.) GameSec 2014. LNCS, vol. 8840, pp. 23–42. Springer, Heidelberg (2014)

    Google Scholar 

  5. Camerer, C.F., Loewenstein, G., Rabin, M.: Advances in Behavioral Economics. Princeton University Press, Princeton (2011)

    Google Scholar 

  6. Christin, N.: Network security games: combining game theory, behavioral economics, and network measurements. In: Katz, J., Baras, J.S., Altman, E. (eds.) GameSec 2011. LNCS, vol. 7037, pp. 4–6. Springer, Heidelberg (2011)

    Chapter  Google Scholar 

  7. Christin, N., Egelman, S., Vidas, T., Grossklags, J.: It’s all about the benjamins: an empirical study on incentivizing users to ignore security advice. In: Danezis, G. (ed.) FC 2011. LNCS, vol. 7035, pp. 16–30. Springer, Heidelberg (2012)

    Chapter  Google Scholar 

  8. Gonzalez, R., Wu, G.: On the shape of the probability weighting function. Cogn. Psychol. 38(1), 129–166 (1999)

    Article  Google Scholar 

  9. Grossklags, J., Christin, N., Chuang, J.: Secure or insure?: a game-theoretic analysis of information security games. In: Proceedings of the 17th International Conference on World Wide Web, pp. 209–218. ACM (2008)

    Google Scholar 

  10. Grossklags, J., Christin, N., Chuang, J.: Security and insurance management in networks with heterogeneous agents. In: Proceedings of the 9th ACM Conference on Electronic Commerce, pp. 160–169. ACM (2008)

    Google Scholar 

  11. Grossklags, J., Johnson, B., Christin, N.: The price of uncertainty in security games. In: Moore, T., Pym, D., Ioannidis, C. (eds.) Economics of Information Security and Privacy, pp. 9–32. Springer, Heidelberg (2010)

    Chapter  Google Scholar 

  12. Hota, A.R., Garg, S., Sundaram, S.: Fragility of the commons under prospect-theoretic risk attitudes. (2014, arXiv preprint). arXiv:1408.5951

  13. Jiang, A.X., Nguyen, T.H., Tambe, M., Procaccia, A.D.: Monotonic maximin: a robust stackelberg solution against boundedly rational followers. In: Das, S.K., Nita-Rotaru, C., Kantarcioglu, M. (eds.) GameSec 2013. LNCS, vol. 8252, pp. 119–139. Springer, Heidelberg (2013)

    Chapter  Google Scholar 

  14. Jiang, L., Anantharam, V., Walrand, J.: How bad are selfish investments in network security? IEEE/ACM Trans. Netw. 19(2), 549–560 (2011)

    Article  Google Scholar 

  15. Johnson, B., Böhme, R., Grossklags, J.: Security games with market insurance. In: Altman, E., Baras, J.S., Katz, J. (eds.) GameSec 2011. LNCS, vol. 7037, pp. 117–130. Springer, Heidelberg (2011)

    Chapter  Google Scholar 

  16. Kahneman, D., Tversky, A.: Prospect theory: an analysis of decision under risk. Econom. J. Econom. Soc. 47(2), 263–291 (1979)

    MATH  Google Scholar 

  17. Kar, D., Fang, F., Delle Fave, F., Sintov, N., Tambe, M.: A game of thrones: when human behavior models compete in repeated Stackelberg security games. In: Proceedings of the 2015 International Conference on Autonomous Agents and Multiagent Systems, pp. 1381–1390 (2015)

    Google Scholar 

  18. Kunreuther, H., Heal, G.: Interdependent security. J. Risk Uncertain. 26(2–3), 231–249 (2003)

    Article  MATH  Google Scholar 

  19. La, R.J.: Interdependent security with strategic agents and cascades of infection. IEEE Trans. Netw. (2015, To appear)

    Google Scholar 

  20. Laszka, A., Felegyhazi, M., Buttyan, L.: A survey of interdependent information security games. ACM Comput. Surveys (CSUR) 47(2), 23:1–23:38 (2014)

    Article  Google Scholar 

  21. Lelarge, M., Bolot, J.: A local mean field analysis of security investments in networks. In: Proceedings of the 3rd International Workshop on Economics of Networked Systems, pp. 25–30. ACM (2008)

    Google Scholar 

  22. Lelarge, M., Bolot, J.: Network externalities and the deployment of security features and protocols in the Internet. ACM SIGMETRICS Perform. Eval. Rev. 36(1), 37–48 (2008)

    Article  Google Scholar 

  23. Naghizadeh, P., Liu, M.: Voluntary participation in cyber-insurance markets. In: Workshop on the Economics of Information Security (WEIS) (2014)

    Google Scholar 

  24. Nisan, N., Roughgarden, T., Tardos, E., Vazirani, V.V.: Algorithmic Game Theory. Cambridge University Press, Cambridge (2007)

    Book  MATH  Google Scholar 

  25. Pal, R., Golubchik, L., Psounis, K., Hui, P.: Will cyber-insurance improve network security? A market analysis. In: 2014 Proceedings IEEE INFOCOM, pp. 235–243. IEEE (2014)

    Google Scholar 

  26. Prelec, D.: The probability weighting function. Econometrica 66(3), 497–527 (1998)

    Article  MathSciNet  MATH  Google Scholar 

  27. Rosoff, H., Cui, J., John, R.S.: Heuristics and biases in cyber security dilemmas. Environ. Syst. Decis. 33(4), 517–529 (2013)

    Article  Google Scholar 

  28. Schwartz, G.A., Sastry, S.S.: Cyber-insurance framework for large scale interdependent networks. In: Proceedings of the 3rd International Conference on High Confidence Networked Systems, pp. 145–154. ACM (2014)

    Google Scholar 

  29. Tversky, A., Kahneman, D.: Advances in prospect theory: cumulative representation of uncertainty. J. Risk Uncertain. 5(4), 297–323 (1992)

    Article  MATH  Google Scholar 

  30. Varian, H.: System reliability and free riding. In: Camp, L.J., Lewis, S. (eds.) Economics of Information Security. AIS, pp. 1–15. Springer, Heidelberg (2004)

    Chapter  Google Scholar 

  31. Yang, R., Kiekintveld, C., Ordóñez, F., Tambe, M., John, R.: Improving resource allocation strategies against human adversaries in security games: an extended study. Artif. Intell. 195, 440–469 (2013)

    Article  MATH  Google Scholar 

  32. Zhuang, J.: Modeling attacker-defender games with risk preference. Current Research Project Synopses. Paper 69 (2014). http://research.create.usc.edu/current_synopses/69

Download references

Author information

Authors and Affiliations

  1. School of Electrical and Computer Engineering, Purdue University, West Lafayette, USA

    Ashish R. Hota & Shreyas Sundaram

Authors
  1. Ashish R. Hota
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Shreyas Sundaram
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Shreyas Sundaram .

Editor information

Editors and Affiliations

  1. Queen Mary University of London, London, United Kingdom

    MHR Khouzani

  2. University of Brighton, Brighton, United Kingdom

    Emmanouil Panaousis

  3. Cardiff University, Cardiff, United Kingdom

    George Theodorakopoulos

Rights and permissions

Reprints and permissions

Copyright information

© 2015 Springer International Publishing Switzerland

About this paper

Cite this paper

Hota, A.R., Sundaram, S. (2015). Interdependent Security Games Under Behavioral Probability Weighting. In: Khouzani, M., Panaousis, E., Theodorakopoulos, G. (eds) Decision and Game Theory for Security. GameSec 2015. Lecture Notes in Computer Science(), vol 9406. Springer, Cham. https://doi.org/10.1007/978-3-319-25594-1_9

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-25594-1_9

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-25593-4

  • Online ISBN: 978-3-319-25594-1

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation