survey

Game Theory for Cyber Security and Privacy

Authors:
Cuong T. Do

Kyung-Hee University

Kyung-Hee University
View Profile

,
Nguyen H. Tran

Kyung-Hee University

Kyung-Hee University

0000-0001-7323-9213
View Profile

,
Choongseon Hong

Kyung-Hee University

Kyung-Hee University
View Profile

,
Charles A. Kamhoua

Air Force Research Laboratory, Information Directorate

Air Force Research Laboratory, Information Directorate
View Profile

,
Kevin A. Kwiat

Air Force Research Laboratory, Information Directorate

Air Force Research Laboratory, Information Directorate
View Profile

,
Erik Blasch

Air Force Research Laboratory, Information Directorate

Air Force Research Laboratory, Information Directorate
View Profile

,
Shaolei Ren

Florida International University

Florida International University
View Profile

,
Niki Pissinou

Florida International University

Florida International University
View Profile

,
Sundaraja Sitharama Iyengar

Florida International University

Florida International University
View Profile

Authors Info & Claims

ACM Computing Surveys Volume 50 Issue 2Article No.: 30pp 1–37https://doi.org/10.1145/3057268

Published:10 May 2017Publication History

ACM Computing Surveys

Abstract

In this survey, we review the existing game-theoretic approaches for cyber security and privacy issues, categorizing their application into two classes, security and privacy. To show how game theory is utilized in cyberspace security and privacy, we select research regarding three main applications: cyber-physical security, communication security, and privacy. We present game models, features, and solutions of the selected works and describe their advantages and limitations from design to implementation of the defense mechanisms. We also identify some emerging trends and topics for future research. This survey not only demonstrates how to employ game-theoretic approaches to security and privacy but also encourages researchers to employ game theory to establish a comprehensive understanding of emerging security and privacy problems in cyberspace and potential solutions.

References

Alfssandro Acquisti and Jens Grossklags. 2005. Privacy and rationality in individual decision making. IEEE Security 8 Privacy 3, 1 (Jan. 2005), 26--33. Google ScholarDigital Library
Rosa Karimi Adl, Mina Askari, Ken Barker, and Reihaneh Safavi-Naini. 2012. Privacy consensus in anonymization systems via game theory. In Proceedings of the 26th Annual IFIP WG Working Conference on Data and Applications Security and Privacy, Vol. 7371. 74--89. Google ScholarDigital Library
Khajonpong Akkarajitsakul, Ekram Hossain, and Dusit Niyato. 2013. Cooperative packet delivery in hybrid wireless mobile networks: A coalitional game approach. IEEE Trans. Mobile Comput. 12, 5 (May 2013), 840--854. Google ScholarDigital Library
Kalliopi Anastasopoulou, Theo Tryfonas, and Spyros Kokolakis. 2013. Strategic interaction analysis of privacy-sensitive end-users of cloud-based mobile apps. In Proceedings of Human Aspects of Information Security, Privacy, and Trust. 209--216.Google ScholarCross Ref
Munnujahan Ara, Hugo Reboredo, Samah a. M. Ghanem, and Miguel R. D. Rodrigues. 2012. A zero-sum power allocation game in the parallel Gaussian wiretap channel with an unfriendly jammer. In Proceeding of the IEEE International Conference on Communication Systems (ICCS). 60--64.Google Scholar
Gilad Asharov, Ran Canetti, and Carmit Hazay. 2011. Towards a game theoretic view of secure computation. In Proceedings of Advances in Cryptology (EUROCRYPT). 426--445. Google ScholarDigital Library
Tamer Basar. 1995. H/sup/ control of large scale jump linear systems via averaging and aggregation. In Proceedings of the 1995 34th IEEE Conference on Decision and Control, Vol. 3. 2574--2579.Google Scholar
Tamer Basar and Pierre Bernhard. 2008. H-infinity Optimal Control and Related Minimax Design Problems: A Dynamic Game Approach. Springer Science 8 Business Media.Google Scholar
Harkeerat Singh Bedi, Sankardas Roy, and Sajjan Shiva. 2011. Game theory-based defense mechanisms against DDoS attacks on TCP/TCP-friendly flows. In Proceeding of IEEE Symposium on Computational Intelligence in Cyber Security (CICS). 129--136.Google ScholarCross Ref
Jeremiah Blocki, Nicolas Christin, Anupam Datta, and Arunesh Sinha. 2012. Audit mechanisms for provable risk management and accountable data governance. In Proceedings of Decision and Game Theory for Security, GameSec. Vol. 7638, LNCS. Springer, 38--59.Google Scholar
Stephan Bohacek, Joao Hespanha, Junsoo Lee, Chansook Lim, and Katia Obraczka. 2007. Game theoretic stochastic routing for fault tolerance and security in computer networks. IEEE Trans. Parallel Distrib. Syst. 18, 9 (Sep. 2007), 1227--1240. Google ScholarDigital Library
S. Buchegger and J.-Y. Le Boudec. 2002. Nodes bearing grudges: Towards routing security, fairness, and robustness in mobile ad hoc networks. In Proceedings of the 10th Euromicro Workshop on Parallel, Distributed and Network-Based Processing. Google ScholarDigital Library
Levente Buttyan and Jean-Pierre Hubaux. 2001. Nuglets: A Virtual Currency to Stimulate Cooperation in Self-organized Mobile Ad Hoc Networks. Technical Report.Google Scholar
Bogdan Carbunar, Mahmudur Rahman, and Niki Pissinou. 2013. A survey of privacy vulnerabilities and defenses in geosocial networks. IEEE Commun. Mag. 51, 11 (Nov. 2013), 114--119.Google ScholarCross Ref
Sivadon Chaisiri, Ryan K. L. Ko, and Dusit Niyato. 2015. A joint optimization approach to security-as-a-service allocation and cyber insurance management. In Proceedings of the 2015 IEEE Trustcom/BigDataSE/ISPA. IEEE, 426--433. Google ScholarDigital Library
Pin-yu Chen, Shin-Ming Cheng, and Kwang-Cheng Chen. 2012. Smart attacks in smart grid communication networks. IEEE Commun. Mag. 50, 8 (Aug 2012), 24--29.Google Scholar
Tingting Chen, Liehuang Wu, Fan Wu, and Sheng Zhong. 2011. Stimulating cooperation in vehicular ad hoc networks: A coalitional game theoretic approach. IEEE Trans. Vehic. Technol. 60, 2 (Feb 2011), 566--579.Google ScholarCross Ref
Xiangqian Chen, Kia Makki, Kang Yen, and Niki Pissinou. 2009. Sensor network security: A survey. IEEE Commun. Surv. Tutor. 11, 2 (Jun 2009), 52--73. Google ScholarDigital Library
Keywhan Chung, Charles A. Kamhoua, Kevin A. Kwiat, Zbigniew T. Kalbarczyk, and Ravishankar K. Iyer. 2016. Game theory with learning for cyber security monitoring. In Proceedings of the 2016 IEEE 17th International Symposium on High Assurance Systems Engineering (HASE). IEEE, 1--8. Google ScholarDigital Library
CSIS. 2014. Significant Cyber Incidents Since 2006. Technical Report. Retrieved from http://csis.org/files/publication/131010.Google Scholar
Tomáš Denemark and Jessica Fridrich. 2014. Detection of content adaptive LSB matching (a game theory approach). In Proceeding of IS8T/SPIE Electronic Imaging. International Society for Optics and Photonics.Google Scholar
Brahim Djebaili, Christophe Kiennert, Jean Leneutre, and Lin Chen. 2014. Data integrity and availability verification game in untrusted cloud storage. In Proceedings of the Conference on Decision and Game Theory for Security (GameSec). 287--306.Google ScholarCross Ref
Junqi Duan, Deyun Gao, Dong Yang, Chuan Foh, and Hsiao-Hwa Chen. 2014. An energy-aware trust derivation scheme with game theoretic approach in wireless sensor networks for IoT applications. IEEE Internet Things J. 1, 1 (may 2014), 58--69.Google ScholarCross Ref
Rania El-Badry and Mohamed Younis. 2012. Providing location anonymity in a multi-base station wireless sensor network. In Proceedings of IEEE International Conference on Communications (ICC). 157--161.Google ScholarCross Ref
AbdelRahman Eldosouky, Walid Saad, Charles Kamhoua, and Kevin Kwiat. 2015. Contract-theoretic resource allocation for critical infrastructure protection. In Proceedings of the 2015 IEEE Global Communications Conference (GLOBECOM’15). IEEE, 1--6.Google ScholarCross Ref
Mark Felegyhazi, J.-P. Hubaux, and Levente Buttyan. 2006. Nash equilibria of packet forwarding strategies in wireless ad hoc networks. IEEE Trans. Mobile Comput. 5, 5 (May 2006), 463--476. Google ScholarDigital Library
Axel Franzen and Sonja Pointner. 2012. Anonymity in the dictator game revisited. J. Econ. Behav. Organiz. 81, 1 (Jan 2012), 74--81.Google ScholarCross Ref
Julien Freudiger, Mohammad Hossein Manshaei, Jean-Pierre Hubaux, and David C. Parkes. 2009. On non-cooperative location privacy: A game-theoretic analysis. In Proceedings of the 16th ACM Conference on Computer and Communications Security. 324--337. Google ScholarDigital Library
Georg Fuchsbauer, Jonathan Katz, and David Naccache. 2010. Efficient rational secret sharing in standard communication networks. In Proceeding of the 7th Theory of Cryptography Conference, Vol. 5978 LNCS. 419--436. Google ScholarDigital Library
Neal Fultz and Jens Grossklags. 2009. Blue versus red: Towards a model of distributed security attacks. In Proceeding of Financial Cryptography and Data Security. Springer, Berlin, 167--183. Google ScholarDigital Library
Evrim Furuncu and Ibrahim Sogukpinar. 2015. Scalable risk assessment method for cloud computing using game theory (CCRAM). Comput. Stand. Interf. 38 (Feb. 2015), 44--50. Google ScholarDigital Library
Tirthankar Ghosh, Niki Pissinou, and Kia Makki. 2004. Collaborative trust-based secure routing against colluding malicious nodes in multi-hop ad hoc networks. In Proceeding of the 29th Annual IEEE International Conference on Local Computer Networks. 224--231. Google ScholarDigital Library
Ronen Gradwohl, Noam Livne, and Alon Rosen. 2013. Sequential rationality in cryptographic protocols. ACM Trans. Econ. Comput. 1, 1 (Jan. 2013), 1--37. Google ScholarDigital Library
Christopher Griffin and Anna Squicciarini. 2012. Toward a game theoretic model of information release in social media with experimental results. In Proceedings of the IEEE Symposium on Security and Privacy Workshops. 113--116. Google ScholarDigital Library
Adam Groce and Jonathan Katz. 2012. Fair computation with rational players. In Proceeding of Advances in Cryptology (EUROCRYPT’12), Vol. 7237 LNCS. 81--98. Google ScholarDigital Library
Abhishek Gupta, Cedric Langbort, and Tamer Basar. 2010. Optimal control in the presence of an intelligent jammer with limited actions. In Proceeding of the 49th IEEE Conference on Decision and Control (CDC). 1096--1101.Google ScholarCross Ref
Mohamed Hamdi and Habtamu Abie. 2014. Game-based adaptive security in the internet of things for ehealth. In Proceeding of IEEE International Conference on Communications. 920--925.Google ScholarCross Ref
Yi Han, Tansu Alpcan, Jeffrey Chan, Christopher Leckie, and Benjamin I. P. Rubinstein. 2016. A game theoretical approach to defend against co-resident attacks in cloud computing: Preventing co-residence using semi-supervised learning. IEEE Trans. Inf. Forens. Secur. 11, 3 (Mar. 2016), 556--570.Google ScholarDigital Library
Yezekael Hayel and Quanyan Zhu. 2015. Attack-aware cyber insurance for risk sharing in computer networks. In Proceedings of the 6th International Conference, GameSec 2015. 22--34.Google ScholarCross Ref
Fei He, Jun Zhuang, Nageswara S. V. Rao, Chris Y. T. Ma, and David K. Y. Yau. 2013. Game-theoretic resilience analysis of cyber-physical systems. In Proceedings of the 2013 IEEE 1st International Conference on Cyber-Physical Systems, Networks, and Applications (CPSNA) (Aug. 2013), 90--95.Google ScholarCross Ref
Fei He, Jun Zhuang, and United States. 2012. Game-theoretic analysis of attack and defense in cyber-physical network infrastructures. In Proceedings of the Industrial and Systems Engineering Research Conference.Google Scholar
Walter Houser. 2015. Could what happened to sony happen to us? IT Prof. 17, 2 (2015), 54--57.Google ScholarDigital Library
IDC and NUS. 2014. The Link between Pirated Software and Cybersecurity Breaches. Technical Report. Retrieved from http://news.microsoft.com/download/presskits/dcu/docs/idc.Google Scholar
Anil Jade, Sanjay Kumar Madria, and Mark Linderman. 2009. Incentive based routing protocol for mobile peer to peer networks. In Proceeding of the 10th International Conference on Mobile Data Management: Systems, Services and Middleware. 285--292. Google ScholarDigital Library
Maha Jebalia, Asma Ben Letaifa, Mohamed Hamdi, and Sami Tabbane. 2014. A revocation game model for secure cloud storage. In Proceeding of IEEE International Conference on High Performance Computing 8 Simulation (HPCS). 1016--1017.Google ScholarCross Ref
Zhu Ji, Wei Yu, and K. J. Ray Liu. 2006. Cooperation enforcement in autonomous MANETs under noise and imperfect observation. In Proceeding of the 3rd Annual IEEE Communications Society on Sensor and Ad Hoc Communications and Networks. 460--468.Google Scholar
Zhu Ji, Wei Yu, and K. J. Ray Liu. 2010. A belief evaluation framework in autonomous MANETs under noisy and imperfect observation: Vulnerability analysis and cooperation enforcement. IEEE Trans. Mobile Comput. 9, 9 (Sep. 2010), 1242--1254. Google ScholarDigital Library
Xinyu Jin, Niki Pissinou, Sitthapon Pumpichet, Charles A. Kamhoua, and Kevin A. Kwiat. 2013. Modeling cooperative, selfish and malicious behaviors for trajectory privacy preservation using bayesian game theory. In Proceeding of the 38th Annual IEEE Conference on Local Computer Networks. Sydney, 835--842.Google Scholar
Benjamin Johnson, Rainer Bohme, and Jens Grossklags. 2011. Security games with market insurance. In Proceedings of 2nd International Conference on Decision and Game Theory for Security. 117--130. Google ScholarDigital Library
Benjamin Johnson, Pascal Schöttle, and Rainer Böhme. 2012. Where to hide the bits? In Proceedings of the Decision and Game Theory for Security, GameSec, Vol. 7638 LNCS. 1--17.Google ScholarCross Ref
Daniel Kahneman. 2003. Maps of bounded rationality: Psychology for behavioral economics. Am. Econ. Rev. 93, 5 (Nov. 2003), 1449--1475.Google ScholarCross Ref
M. Kaliappan and B. Paramasivan. 2015. Enhancing secure routing in mobile ad hoc networks using a dynamic bayesian signalling game model. Comput. Electr. Eng. 41, 1 (Jan. 2015), 301--313. Google ScholarDigital Library
Charles Kamhoua, Andrew Martin, Deepak K. Tosh, Kevin A. Kwiat, Chad Heitzenrater, and Shamik Sengupta. 2015. Cyber-threats information sharing in cloud computing: A game theoretic approach. In Proceedings of the 2015 IEEE 2nd International Conference on Cyber Security and Cloud Computing. IEEE, 382--389. Google ScholarDigital Library
Charles A. Kamhoua, A. Ruan, A. Martin, and K. A. Kwiat. 2015. On the feasibility of an open-implementation cloud infrastructure: A game theoretic analysis. In Proceedings of the 2015 IEEE/ACM 8th International Conference on Utility and Cloud Computing (UCC). 217--226.Google Scholar
Charles A. Kamhoua, Patrick Hurley, Kevin A. Kwiat, and Joon S. Park. 2012a. Resilient voting mechanisms for mission survivability in cyberspace: Combining replication and diversity. Int. J. Netw. Secur. Appl. 4, 4 (Jul. 2012), 1--20.Google Scholar
Charles A. Kamhoua, Kevin Kwiat, and Joon S. Park. 2012b. A game theoretic approach for modeling optimal data sharing on online social networks. In Proceedings of the 9th International Conference on Electrical Engineering, Computing Science and Automatic Control (CCE). 1--6.Google Scholar
Charles A. Kamhoua, Kevin A. Kwiat, Mainak Chatterjee, Joon S. Park, and Patrick Hurley. 2013. Survivability in cyberspace using diverse replicas a game theoretic approach. J. Inf. Warfare 12, 2 (Jul. 2013), 27--40.Google Scholar
Charles A. Kamhoua, Kevin A. Kwiat, and Joon S. Park. 2012c. Surviving in cyberspace: A game theoretic approach. J. Commun. 7, 6 (Jun. 2012), 436--450.Google ScholarCross Ref
Charles A. Kamhoua, Luke Kwiat, Kevin A. Kwiat, Joon S. Park, Ming Zhao, and Manuel Rodriguez. 2014. Game theoretic modeling of security and interdependency in a public cloud. In Proceedings of the IEEE 7th International Conference on Cloud Computing. 514--521. Google ScholarDigital Library
Charles A. Kamhoua and Niki Pissinou. 2010. Mitigating selfish misbehavior in multi-hop networks using stochastic game theory. In Proceedings of the IEEE Local Computer Network Conference. 232--235. Google ScholarDigital Library
Charles A. Kamhoua, Niki Pissinou, Alan Busovaca, and Kia Makki. 2010. Belief-free equilibrium of packet forwarding game in ad hoc networks under imperfect monitoring. In Proceedings of the International Performance Computing and Communications Conference. 315--324.Google Scholar
Charles A. Kamhoua, Niki Pissinou, and Kia Makki. 2011. Game theoretic modeling and evolution of trust in autonomous multi-hop networks: Application to network security and privacy. In Proceedings of the IEEE International Conference on Communications (ICC). 1--6.Google ScholarCross Ref
Charles A. Kamhoua, Niki Pissinou, Kia Makki, Kevin Kwiat, and S. Sitharama Iyengar. 2012. Game theoretic analysis of users and providers behavior in network under scarce resources. In Proceeding of the International Conference on Computing, Networking and Communications (ICNC). 1149--1155.Google Scholar
Charles A. Kamhoua, Niki Pissinou, and S. Kami Makki. 2010. Game theoretic analysis of cooperation in autonomous multi hop networks: The consequences of unequal traffic load. In Proceedings of the IEEE Globecom Workshops. 1973--1978.Google Scholar
Charles A. Kamhoua, Manuel Rodriguez, and Kevin A. Kwiat. 2014. Testing for hardware trojans: A game-theoretic approach. In Proceedings of the 5th GameSec (Lecture Notes in Computer Science), Vol. 8840. Cham, 360--369.Google Scholar
Charles A. Kamhoua, Hong Zhao, Manuel Rodriguez, and Kevin A. Kwiat. 2016. A game-theoretic approach for testing for hardware trojans. IEEE Trans. Multi-Scale Comput. Syst. 2, 3 (Jul. 2016), 199--210.Google Scholar
Rajgopal Kannan and S. Sitharama Iyengar. 2004. Game-theoretic models for reliable path-length and energy-constrained routing with data aggregation in wireless sensor networks. IEEE J. Select. Areas Commun. 22, 6 (2004), 1141--1150. Google ScholarDigital Library
Rajgopal Kannan, Srivatsan Srinivasagopalan, and S. Sitharama Iyengar. 2003. Strategic path reliability in information networks. In Proceedings of the 14th International Conference on Game Theory.Google Scholar
Murat Kantarcioglu and Wei Jiang. 2013. Incentive compatible privacy-preserving data analysis. IEEE Trans. Knowl. Data Eng. 25, 6 (Jun. 2013), 1323--1335. Google ScholarDigital Library
Murat Kantarcioglu and Robert Nix. 2010. Incentive compatible distributed data mining. In Proceedings of the 2010 IEEE 2nd International Conference on Proceeding of Social Computing (SocialCom). 735--742. Google ScholarDigital Library
Jonathan Katz. 2008. Bridging game theory and cryptography: Recent results and future directions. In Proceedings of the Theory of Cryptography Conference (TCC), Vol. 4948. 251--272. Google ScholarDigital Library
Ad Ker, Patrick Bas, and Rainer Böhme. 2013. Moving steganography and steganalysis from the laboratory into the real world. In Proceedings of the 1st ACM Workshop on Information Hiding and Multimedia Security. 45--58. Google ScholarDigital Library
Tanmay Khirwadkar, Kien C. Nguyen, David M. Nicol, and Tamer Basar. 2010. Methodologies for evaluating game theoretic defense against DDoS attacks. In Proceedings of the 2010 Winter Simulation Conference. 697--707. Google ScholarDigital Library
Joshua A. Kroll, Ian C. Davey, and Edward W. Felten. 2013. The economics of bitcoin mining, or bitcoin in the presence of adversaries. In Proceedings of the Workshop on the Economics of Information Security. 1--21.Google Scholar
Sathish Alampalayam Kumar, Tyler Vealey, and Harshit Srivastava. 2016. Security in internet of things: Challenges, solutions and future directions. In Proceedings of the 2016 49th Hawaii International Conference on System Sciences (HICSS). IEEE, 5772--5781. Google ScholarDigital Library
Kevin Kwiat, Alan Taylor, William Zwicker, Daniel Hill, Sean Wetzonis, and Shangping Ren. 2010. Analysis of binary voting algorithms for use in fault-tolerant and secure computing. In Proceedings of the International Conference on Computer Engineering and Systems. 269--273.Google ScholarCross Ref
Luke Kwiat, Charles A. Kamhoua, Kevin A. Kwiat, Jian Tang, and Andrew Martin. 2015a. Security-aware virtual machine allocation in the cloud: A game theoretic approach. In Proceedings of IEEE Cloud Computing. Google ScholarDigital Library
Luke Kwiat, Charles A. Kamhoua, Kevin A. Kwiat, Jian Tang, and Andrew Martin. 2015b. Security-aware virtual machine allocation in the cloud: A game theoretic approach. In Proceedings of the 2015 IEEE 8th International Conference on Cloud Computing. IEEE, 556--563. Google ScholarDigital Library
Yuzhe Li, Ling Shi, Peng Cheng, Jiming Chen, and Daniel E. Quevedo. 2013. Jamming attack on cyber-physical systems: A game-theoretic approach. In Proceedings of the IEEE International Conference on Cyber Technology in Automation, Control and Intelligent Systems. 252--257.Google Scholar
Xiaohui Liang, Xu Li, Tom H. Luan, Rongxing Lu, Xiaodong Lin, and Xuemin Shen. 2012. Morality-driven data forwarding with privacy preservation in mobile social networks. IEEE Tran. Vehic. Technol. 61, 7 (Sep. 2012), 3209--3222.Google ScholarCross Ref
Jingqiang Lin, Peng Liu, and Jiwu Jing. 2012. Using signaling games to model the multi-step attack-defense scenarios on confidentiality. In Proceedings of Decision and Game Theory for Security (GameSec), Vol. 7638 LNCS. 118--137.Google ScholarCross Ref
Xinxin Liu, Kaikai Liu, Linke Guo, Xiaolin Li, and Yuguang Fang. 2013b. A game-theoretic approach for achieving k-anonymity in location based services. In Proceedings of IEEE INFOCOM. 2985--2993.Google ScholarCross Ref
Yuling Liu, Dengguo Feng, Yifeng Lian, Kai Chen, and Yingjun Zhang. 2013a. Optimal defense strategies for DDoS defender using bayesian game model. In Proceedings of Information Security Practice and Experience. 44--59.Google ScholarCross Ref
Chris Y. T. Ma, Nageswara S. V. Rao, and David K. Y. Yau. 2011. A game theoretic study of attack and defense in cyber-physical systems. In Proceeding of 2011 IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS). 708--713.Google Scholar
Chris Y. T. Ma, David K. Y. Yau, Xin Lou, and Nageswara S. V. Rao. 2013b. Markov game analysis for attack-defense of power networks under possible misinformation. IEEE Trans. Power Syst. 28, 2 (May 2013), 1676--1686.Google ScholarCross Ref
Chris Y. T. Ma, David K. Y. Yau, and Nageswara S. V. Rao. 2013a. Scalable solutions of markov games for smart-grid infrastructure protection. IEEE Trans. Smart Grid 4, 1 (Mar. 2013), 47--55.Google ScholarCross Ref
Zhanshan Sam Ma and Axel W. Krings. 2011. Dynamic hybrid fault modeling and extended evolutionary game theory for reliability, survivability and fault tolerance analyses. IEEE Trans. Reliabil. 60, 1 (Mar. 2011), 180--196.Google ScholarCross Ref
George J. Mailath and Larry Samuelson. 2006. Repeated Games and Reputations: Long-Run Relationships.Google Scholar
Sonia Martinez. 2011. Stackelberg-game analysis of correlated attacks in cyber-physical systems. In Proceedings of the 2011 American Control Conference. 4063--4068.Google Scholar
Richard D. McKelvey and Thomas R. Palfrey. 2015. Erratum to: Quantal response equilibria for extensive form games (Exp Econ,). (2015).Google Scholar
Yilin Mo, Tiffany Hyun-Jin Kim, Kenneth Brancik, Dona Dickinson, Heejo Lee, Adrian Perrig, and Bruno Sinopoli. 2012. Cyber physical security of a smart grid infrastructure. Proceedings IEEE 100 100, 1 (Jan 2012), 195--209.Google Scholar
Noman Mohammed, Benjamin C. M. Fung, and Mourad Debbabi. 2011. Anonymity meets game theory: Secure data integration with malicious participants. Int. J. Very Large Data Bases 20, 4 (Aug. 2011), 567--588. Google ScholarDigital Library
Maryam Mohi, Ali Movaghar, and Pooya Moradian Zadeh. 2009. A bayesian game approach for preventing DoS attacks in wireless sensor networks. In Proceedings of the 2009 WRI International Conference on Communications and Mobile Computing. 507--511. Google ScholarDigital Library
Roger B. Myerson. 1991. Game Theory: Analysis of conict.Google Scholar
Satoshi Nakamoto. 2008. Bitcoin: A peer-to-peer electronic cash system. Consulted 1, 2012 (Oct 2008), 28--37.Google Scholar
Robert Nix and Murat Kantarcioglu. 2012. Contractual agreement design for enforcing honesty in cloud outsourcing. In Proceedings of Decision and Game Theory for Security, Vol. 7638 LNCS. 296--308.Google ScholarCross Ref
Robert Nix and Murat Kantarciouglu. 2012. Incentive compatible privacy-preserving distributed classification. IEEE Transactions on Dependable and Secure Computing 9, 4 (May 2012), 451--462. Google ScholarDigital Library
Dusit Niyato, Xiao Lu, Ping Wang, Dong In Kim, and Zhu Han. 2016. Economics of internet of things: An information market approach. IEEE Wireless Communications 23, 4 (Aug 2016), 136--145.Google ScholarDigital Library
Mehrdad Nojoumian and Douglas R. Stinson. 2012. Socio-rational secret sharing as a new direction in rational cryptography. In Proceedings of Conference on Decision and Game Theory for Security, (GameSec), Vol. 7638 LNCS. 1--37.Google Scholar
Martin J. Osborne and Ariel Rubinstein. 1994. A Course in Game Theory. MIT press.Google Scholar
Ranjan Pal, Leana Golubchik, and Konstantinos Psounis. 2011. Aegis a novel cyber-insurance model. In Proceeding of the Second International Conference, GameSec. 131--150. Google ScholarDigital Library
Ranjan Pal, Leana Golubchik, Konstantinos Psounis, and Pan Hui. 2014. Will cyber-insurance improve network security? A market analysis. In Proceedings of IEEE INFOCOM 2014. 235--243.Google ScholarCross Ref
Ranjan Pal and Pan Hui. 2012. CyberInsurance for cybersecurity a topological take on modulating insurance premiums. ACM SIGMETRICS Performance Evaluation Review 40, 3 (Jan 2012), 86--88. Google ScholarDigital Library
Emmanouil Panaousis and Tansu Alpcan. 2014. Secure message delivery games for device-to-device communications. In Proceedings of the Conference on Decision and Game Theory for Security (GameSec). 195--215.Google ScholarCross Ref
Emmanouil Panaousis, Eirini Karapistoli, Hadeer Elsemary, Tansu Alpcan, M.H.R. Khuzani, and Anastasios A Economides. 2017. Game theoretic path selection to support security in device-to-device communications. Ad Hoc Networks 56 (2017), 28--42. Google ScholarDigital Library
Joon S. Park, Sookyung Kim, Charles A. Kamhoua, and Ke A. Kwiat. 2012a. Optimal state management of data sharing in online social network (OSN) services. In Proceeding of Trust, Security and Privacy in Computing and Communications (TrustCom). 648--655. Google ScholarDigital Library
Joon S. Park, Sookyung Kim, Charles A. Kamhoua, and Kevin A. Kwiat. 2012b. Towards trusted data management in online social network (OSN) services. In Proceedings of the IEEE World Congress on Internet Security (WorldCIS’12). 202--203.Google Scholar
Joon S. Park, Kevin A. Kwiat, Charles A. Kamhoua, Jonathan White, and Sookyung Kim. 2014. Trusted online social network (OSN) services with optimal data management. Computers and Security 42, 1 (May 2014), 116--136.Google ScholarCross Ref
Viet Pham, M.H.R. Khouzani, and Carlos Cid. 2014. Optimal contracts for outsourced computation. In Proceedings of Conference on Decison and Game Theory for Security, GameSec. 79--98.Google ScholarCross Ref
Sören Preibusch and Joseph Bonneau. 2010. The password game: Negative externalities from weak password practices. In Proceedings of Conference on Decison and Game Theory for Security, GameSec, Vol. 6442 LNCS. 192--207. Google ScholarDigital Library
Antonino Rullo, Daniele Midi, Edoardo Serra, and Elisa Bertino. 2016. Strategic security resource allocation for internet of things. In Proceedings of the 2016 IEEE 36th International Conference on Distributed Computing Systems (ICDCS). IEEE, 737--738.Google ScholarCross Ref
Walid Saad, Zhu Han, Tamer Basar, Merouane Debbah, and Are Hjorungnes. 2009. Physical layer security: Coalitional games for distributed cooperation. In Proceeding of the 7th International Symposium on Modeling and Optimization in Mobile, Ad Hoc, and Wireless Networks. 1--8. Google ScholarDigital Library
Pascal Schottle, Aron Laszka, Benjamin Johnson, Jens Grossklags, and Rainer Bohme. 2013. A game-theoretic analysis of content-adaptive steganography with independent embedding. In Proceedings of the 21st European Signal Processing Conference (EUSIPCO). Marrakech, 1--5.Google Scholar
Dan Shen, Genshe Chen, Erik Blasch, and George Tadda. 2007a. Adaptive markov game theoretic data fusion approach for cyber network defense. In Proceeding of IEEE Military Communications Conference (MILCOM). 1--7.Google ScholarCross Ref
Dan Shen, Genshe Chen, Jose B. Cruz, Jr., Leonard Haynes, Martin Kruger, and Erik Blasch. 2007b. A markov game theoretic data fusion approach for cyber situational awareness. In Proceeding of SPIE Defense+ Security, Vol. 3. 65710F--65710F.Google Scholar
Shigen Shen, Risheng Han, Lizheng Guo, Wei Li, and Qiying Cao. 2012. Survivability evaluation towards attacked WSNs based on stochastic game and continuous-time Markov chain. Applied Soft Computing Journal 12 (May 2012), 1467--1476. Google ScholarDigital Library
Smitha Shivshankar and Abbas Jamalipour. 2014. An evolutionary game theory based approach for cooperation in VANETs under different network conditions. IEEE Transactions on Vehicular Technology PP, 99 (Jul 2014), 1--8.Google Scholar
Reza Shokri, George Theodorakopoulos, Carmela Troncoso, Jean-Pierre Hubaux, and Jean-Yves Le Boudec. 2012. Protecting location privacy. In Proceedings of the 2012 ACM Conference on Computer and Communications Security. 617--627. Google ScholarDigital Library
Yasser Shoukry, Jose Araujo, Paulo Tabuada, Mani Srivastava, and Karl H. Johansson. 2013. Minimax control for cyber-physical systems under network packet scheduling attacks. In Proceedings of the 2nd ACM International Conference on High Confidence Networked Systems. 93--100. Google ScholarDigital Library
Theodoros Spyridopoulos, G. Karanikas, Theodore Tryfonas, and Georgios Oikonomou. 2013. A game theoretic defence framework against DoS/DDoS cyber attacks. Computers 8 Security 38 (Oct 2013), 39--50. Google ScholarDigital Library
Vikram Srinivasan, Pavan Nuggehalli, Carla-Fabiana Chiasserini, and Ramesh R. Rao. 2003. Cooperation in wireless ad hoc networks. In Proceedings of INFOCOM, Vol. 2. IEEE, 808--817.Google Scholar
Vivek Srivastava and Luiz DaSilva. 2006. Equilibria for node participation in Ad Hoc networks - An imperfect monitoring approach. In Proceedings of IEEE International Conference on Communications. 3850--3855.Google ScholarCross Ref
Vivek Srivastava, James Neel, A. B. Mackenzie, Rekha Menon, L. A. Dasilva, J. E. Hicks, J. H. Reed, and R. P. Gilles. 2005. Using game theory to analyze wireless ad hoc networks. IEEE Commun. SurvTutor. 7, 4 (Jan 2005), 46--56. Google ScholarDigital Library
Surendran Subbaraj and Prakash Sabarimuthu. 2014. EigenTrust-based non-cooperative game model assisting ACO look-ahead secure routing against selfishness. EURASIP J. Wireless Commun. Netw. 78, 1 (May 2014), 1--20.Google Scholar
Latanya Sweeney. 2002. k-anonymity: A model for protecting privacy. Int. J. Uncert. Fuzz. Knowl.-Based Syst. 10, 5 (Oct. 2002), 557--570. Google ScholarDigital Library
Symantec. 2014. Internet Security Threats Report. Technical Report. Symantec. Retrieved from http://www.symantec.com/threatreport/.Google Scholar
Sapon Tanachaiwiwat, Pinalkumar Dave, Rohan Bhindwale, and Ahmed Helmy. 2004. Location-centric isolation of misbehavior and trust routing in energy-constrained sensor networks. In Proceeding of IEEE International Conference on Performance, Computing, and Communications. 463--469.Google ScholarCross Ref
Deepak Tosh, Shamik Sengupta, Charles A. Kamhoua, Kevin Kwiat, and Andrew Martin. 2015a. An evolutionary game-theoretic framework for cyber-threat information sharing. In Proceeding of IEEE International Conference on Communications.Google ScholarCross Ref
Deepak Tosh, Shamik Sengupta, Charles A. Kamhoua, and Kevin A. Kwiat. 2017. Establishing evolutionary game models for CYBer security information EXchange (CYBEX). J. Comput. System Sci. (Accepted Oct. 2017).Google Scholar
Deepak K. Tosh, Matthew Molloy, Shamik Sengupta, Charles A. Kamhoua, and Kevin A. Kwiat. 2015. Cyber-investment and cyber-information exchange decision modeling. In Proceedings of the 2015 IEEE 7th International Symposium on Cyberspace Safety and Security. IEEE, 1219--1224. Google ScholarDigital Library
Deepak K. Tosh, Shamik Sengupta, Sankar Mukhopadhyay, Charles A. Kamhoua, and Kevin A. Kwiat. 2015b. Game theoretic modeling to enforce security information sharing among firms. In Proceedings of the 2015 IEEE 2nd International Conference on Cyber Security and Cloud Computing. IEEE, 7--12. Google ScholarDigital Library
Marie Vasek and Tyler Moore. 2014. Game-theoretic analysis of DDoS attacks against bitcoin mining pools. In Financial Cryptography and Data Security. 72--86.Google Scholar
Walid Saad, Anibal Sanjab, Yunpeng Wang, Charles A. Kamhoua, and Kevin Kwiat. 2017. Hardware trojan detection game: A prospect-theoretic approach. IEEE Trans. Vehic. Technol. (2017).Google Scholar
John Ross Wallrabenstein and Chris Clifton. 2013. For rational multiparty computation. In Proceeding of Decison and Game Theory for Security (GameSec). 226--245. Google ScholarDigital Library
John Ross Wallrabenstein and Chris Clifton. 2014. Realizable rational multiparty cryptographic protocols. In Proceedings of Conference on Decison and Game Theory for Security (GameSec), Vol. 2014. 134--154.Google ScholarCross Ref
Kun Wang, Miao Du, Dejun Yang, Chunsheng Zhu, Jian Shen, and Yan Zhang. 2016. Game-theory-based active defense for intrusion detection in cyber-physical embedded systems. ACM Trans. Embed. Comput. Syst. 16, 1 (Oct. 2016), 1--21. Google ScholarDigital Library
Wenjing Wang, Mainak Chatterjee, and Kevin A. Kwiat. 2009. Coexistence with malicious nodes: A game theoretic approach. In Proceedings of the 2009 International Conference on Game Theory for Networks (GameNets). 277--286. Google ScholarDigital Library
Wenbo Wang, Andres Kwasinski, and Zhu Han. 2014. A routing game in cognitive radio networks against routing-toward-primary-user attacks. In Proceeding of IEEE Wireless Communications and Networking Conference (WCNC), Vol. 3. 2510--2515.Google ScholarCross Ref
Yufeng Wang, Akihiro Nakao, Athanasios V. Vasilakos, and Jianhua Ma. 2011. P2P soft security: On evolutionary dynamics of P2P incentive mechanism. Comput. Commun. 34, 3 (2011), 241--249. Google ScholarDigital Library
Jonathan White, Joon S. Park, Charles A. Kamhoua, and Kevin A. Kwiat. 2013. Game theoretic attack analysis in online social network (OSN) services. In Proceedings of the IEEE/ACM International Conference on Advances in Social Networks Analysis and Mining. Best Paper Award, 1012--1019. Google ScholarDigital Library
Jonathan White, Joon S. Park, Charles A. Kamhoua, and Kevin A. Kwiat. 2014. Social network attack simulation with honeytokens. Soc. Netw. Anal. Min. 4, 1 (Jul. 2014), 1--14.Google ScholarCross Ref
Qishi Wu, Sajjan Shiva, Sankardas Roy, Charles Ellis, and Vivek Datla. 2010. On modeling and simulation of game theory-based defense mechanisms against DoS and DDoS attacks. In Proceedings of the Spring Simulation Multiconference. 1--8. Google ScholarDigital Library
Yong Xiao, Dusit Niyato, Kwang-Cheng Chen, and Zhu Han. 2016. Enhance device-to-device communication with social awareness: A belief-based stable marriage game framework. IEEE Wireless Commun. 23, 4 (Aug 2016), 36--44.Google ScholarDigital Library
Guanhua Yan, Ritchie Lee, Alex Kent, and David Wolpert. 2012. Towards a bayesian network game framework for evaluating DDoS attacks and defense. In Proceedings of the 2012 ACM Conference on Computer and Communications Security (CCS’12). 553--566. Google ScholarDigital Library
Qing Yang, Kejie Lu, Vincenzo Mancuso, and Chan-Hyun Youn. 2016. Device-to-device communications with social awareness. IEEE Wireless Commun. 23, 4 (Aug. 2016), 10--11.Google ScholarDigital Library
Rong Yang, Christopher Kiekintveld, Fernando Ordóñez, Milind Tambe, and Richard John. 2013. Improving resource allocation strategies against human adversaries in security games: An extended study. Artif. Intell. 195 (2013), 440--469. Google ScholarDigital Library
Zichao Yang and John C. S. Lui. 2012. Security adoption in heterogeneous networks: The influence of cyber-insurance market. In 11th International IFIP TC 6 Networking Conference. 172--183. Google ScholarDigital Library
S. T. Zargar, James Joshi, and David Tipper. 2013. A survey of defense mechanisms against distributed denial of service (DDoS) flooding attacks. IEEE Commun. Surv. Tutor. 15, 4 (Mar. 2013), 2046--2069.Google ScholarCross Ref
Zhifang Zhang and Mulan Liu. 2011. Unconditionally secure rational secret sharing in standard communication networks. In Proceedings of Information Security and Cryptology-ICISC, Vol. 6829 LNCS. 355--369. Google ScholarDigital Library
H. Vicky Zhao, W. Sabrina Lin, and K. J. Ray Liu. 2012. Cooperation and coalition in multimedia fingerprinting colluder social networks. IEEE Trans. Multimedia 14, 3 (Jun. 2012), 717--733. Google ScholarDigital Library
Sheng Zhong, Jiang Chen, and Yang Richard Yang. 2003. Sprite: A simple, cheat-proof, credit-based system for mobile ad-hoc networks. In Proceedings of IEEE INFOCOM, Vol. 3. 1987--1997.Google Scholar
Jie Zhou and Jiannong Cao. 2012. OSR: Optimal and secure routing protocol in multi-hop wireless networks. In Proceeding of 32nd International Conference on Distributed Computing Systems Workshops. 187--193. Google ScholarDigital Library
Quanyan Zhu and Tamer Basar. 2011. Robust and resilient control design for cyber-physical systems with an application to power systems. In Proceedings of IEEE Conference on Decision and Control and European Control Conference. 4066--4071.Google ScholarCross Ref
Quanyan Zhu and Tamer Basar. 2012. A dynamic game-theoretic approach to resilient control system design for cascading failures. In Proceedings of the 1st International Conference on High Confidence Networked Systems. 41--46. Google ScholarDigital Library
Quanyan Zhu, Ju Bin Song, and Tamer Basar. 2011. Dynamic secure routing game in distributed cognitive radio networks. In Proceeding of IEEE Global Telecommunications Conference (GLOBECOM’11). 1--6.Google Scholar
Saman Zonouz and Parisa Haghani. 2013. Cyber-physical security metric inference in smart grid critical infrastructures based on system administrators’ responsive behavior. Comput. Secur. 39 (Nov. 2013), 190--200. Google ScholarDigital Library

Index Terms

Game Theory for Cyber Security and Privacy
1. Security and privacy

Recommendations

Game theory meets network security and privacy

This survey provides a structured and comprehensive overview of research on security and privacy in computer and communication networks that use game-theoretic approaches. We present a selected set of works to highlight the application of game theory in ...
Read More
Privacy consensus in anonymization systems via game theory
DBSec'12: Proceedings of the 26th Annual IFIP WG 11.3 conference on Data and Applications Security and Privacy

Privacy protection appears as a fundamental concern when personal data is collected, stored, and published. Several anonymization methods have been proposed to address privacy issues in private datasets. Every anonymization method has at least one ...
Read More
The Functionality-Security-Privacy Game
MDAI '09: Proceedings of the 6th International Conference on Modeling Decisions for Artificial Intelligence

Privacy preservation in the information society is in many respects parallel to environment preservation in the physical world. In this way, "green ICT services" are those achieving functionality and security with minimum invasion of the privacy of ...
Read More

Comments

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Article

Published in
ACM Computing Surveys Volume 50, Issue 2
March 2018
567 pages
ISSN:0360-0300
EISSN:1557-7341
DOI:10.1145/3071073
Editor:
Sartaj Sahni
Department of Computer and Information Science and Engineering / University of Florida / Gainesville, FL 32611
Issue’s Table of Contents
Copyright © 2017 ACM
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]
Sponsors
In-Cooperation
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
- Published: 10 May 2017
- Accepted: 1 February 2017
- Revised: 1 January 2017
- Received: 1 August 2015
Published in csur Volume 50, Issue 2

Permissions
Request permissions about this article.
Request Permissions

Check for updates
Author Tags
Game theory
cyber security
privacy
Qualifiers
- survey
- Research
- Refereed
Conference
Funding Sources
Other Metrics
View Article Metrics

Article Metrics
- 150
  Total Citations
  View Citations
- 5,550
  Total Downloads
- Downloads (Last 12 months)577
- Downloads (Last 6 weeks)70
Other Metrics
View Author Metrics
Cited By
View all

PDF Format

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Game Theory for Cyber Security and Privacy

ACM Computing Surveys

Abstract

References

Cited By

Index Terms

Recommendations

Game theory meets network security and privacy

Privacy consensus in anonymization systems via game theory

The Functionality-Security-Privacy Game