Dynamic network security deployment under partial information

A network user’s decision to start and continue using security products is based on economic considerations. The cost of a security compromise (e.g., worm infection) is compared against the cost of deploying and maintaining a sufficient level of security. These costs are not necessarily the real ones, but rather the perceived costs, which depend on the amount of information available to a user at each time. Moreover, the costs (whether real or perceived) depend on the decisions of other users, too: The probability of a user getting infected depends on the security deployed by all the other users. In this paper, we combine an epidemic model for malware propagation in a network with a game theoretic model of the users’ decisions to deploy security or not. Users can dynamically change their decision in order to maximize their currently perceived utility. We study the equilibrium points, and their dependence on the speed of the learning process through which the users learn the state of the network. We find that the faster the learning process, the higher the total network cost.

Published in:
Proceedings of the Forty-Sixth Annual Allerton Conference On Communication, Control, and Computing
Presented at:
46th Annual Allerton Conference on Communication, Control and Computing, Allerton Retreat Center, Monticello, Illinois, September 23-26, 2008
None, None
Invited Paper

 Record created 2008-10-11, last modified 2018-11-26

Download fulltextPDF
External link:
Download fulltextURL
Rate this document:

Rate this document:
(Not yet reviewed)