IDEAS home Printed from https://ideas.repec.org/a/eee/reensy/v119y2013icp35-43.html
   My bibliography  Save this article

A game-theory approach to configuration of detection software with decision errors

Author

Listed:
  • Gao, Xing
  • Zhong, Weijun
  • Mei, Shue

Abstract

The modern computer and communication networks that firms rely on have become more complex due to their dynamic, distributed and heterogeneous features; it is therefore increasingly important to characterize the interaction between a firm and a user to ensure information security. Recently, a game-theory approach has been widely employed to investigate this issue, including the optimal configurations of the detection software. However, for both the firm and the user, inaccuracies may persist in the gap between strategic decisions and actual actions, due to the effects of irrationality and the error-prone nature of the devices that carry their commands. This paper analyzes the effects of decision errors on the optimal strategies of both the firm and the user and, in particular, on the optimal configurations of the detection software. We finally demonstrate that decision errors can promote several pure equilibrium strategies and that fine-tuning these configurations quickly becomes difficult. Furthermore, we find that decision errors can drastically influence the optimal configurations and expected costs for a firm.

Suggested Citation

  • Gao, Xing & Zhong, Weijun & Mei, Shue, 2013. "A game-theory approach to configuration of detection software with decision errors," Reliability Engineering and System Safety, Elsevier, vol. 119(C), pages 35-43.
    • Handle: RePEc:eee:reensy:v:119:y:2013:i:c:p:35-43
    DOI: 10.1016/j.ress.2013.05.004
    as

    Download full text from publisher

    File URL: http://www.sciencedirect.com/science/article/pii/S0951832013001294
    Download Restriction: Full text for ScienceDirect subscribers only
    File URL: https://libkey.io/10.1016/j.ress.2013.05.004?utm_source=ideas
    LibKey link: if access is restricted and if your library uses this service, LibKey will redirect you to where you can use your library subscription to access this item
    ---><---

    As the access to this document is restricted, you may want to search for a different version of it.

    References listed on IDEAS

    as
    1. Hausken, Kjell, 2008. "Strategic defense and attack for series and parallel reliability systems," European Journal of Operational Research, Elsevier, vol. 186(2), pages 856-881, April.
    2. Levitin, Gregory & Hausken, Kjell & Ben Haim, Hanoch, 2013. "Defending majority voting systems against a strategic attacker," Reliability Engineering and System Safety, Elsevier, vol. 111(C), pages 37-44.
    3. Kjell Hausken, 2012. "The economics of terrorism against two targets," Applied Economics Letters, Taylor & Francis Journals, vol. 19(12), pages 1135-1138, August.
    4. Jun Zhuang & Vicki M. Bier, 2007. "Balancing Terrorism and Natural Disasters---Defensive Strategy with Endogenous Attacker Effort," Operations Research, INFORMS, vol. 55(5), pages 976-991, October.
    5. Levitin, Gregory & Hausken, Kjell, 2013. "Is it wise to leave some false targets unprotected?," Reliability Engineering and System Safety, Elsevier, vol. 112(C), pages 176-186.
    6. Hausken, Kjell, 2006. "Income, interdependence, and substitution effects affecting incentives for security investment," Journal of Accounting and Public Policy, Elsevier, vol. 25(6), pages 629-665.
    7. Vicki Bier & Santiago Oliveros & Larry Samuelson, 2007. "Choosing What to Protect: Strategic Defensive Allocation against an Unknown Attacker," Journal of Public Economic Theory, Association for Public Economic Theory, vol. 9(4), pages 563-587, August.
    8. Huseyin Cavusoglu & Srinivasan Raghunathan & Hasan Cavusoglu, 2009. "Configuration of and Interaction Between Information Security Technologies: The Case of Firewalls and Intrusion Detection Systems," Information Systems Research, INFORMS, vol. 20(2), pages 198-217, June.
    9. Reniers, Genserik & Soudan, Karel, 2010. "A game-theoretical approach for reciprocal security-related prevention investment decisions," Reliability Engineering and System Safety, Elsevier, vol. 95(1), pages 1-9.
    10. G Levitin & K Hausken, 2010. "Defence and attack of systems with variable attacker system structure detection probability," Journal of the Operational Research Society, Palgrave Macmillan;The OR Society, vol. 61(1), pages 124-133, January.
    11. Anderson, Simon P. & Goeree, Jacob K. & Holt, Charles A., 1998. "A theoretical analysis of altruism and decision error in public goods games," Journal of Public Economics, Elsevier, vol. 70(2), pages 297-323, November.
    12. Xing Gao & Weijun Zhong & Shue Mei, 2013. "Stochastic Evolutionary Game Dynamics and Their Selection Mechanisms," Computational Economics, Springer;Society for Computational Economics, vol. 41(2), pages 233-247, February.
    13. Rajagopal, 2014. "The Human Factors," Palgrave Macmillan Books, in: Architecting Enterprise, chapter 9, pages 225-249, Palgrave Macmillan.
    14. Huseyin Cavusoglu & Birendra Mishra & Srinivasan Raghunathan, 2005. "The Value of Intrusion Detection Systems in Information Technology Security Architecture," Information Systems Research, INFORMS, vol. 16(1), pages 28-46, March.
    15. Zare Moayedi, Behzad & Azgomi, Mohammad Abdollahi, 2012. "A game theoretic framework for evaluation of the impacts of hackers diversity on security measures," Reliability Engineering and System Safety, Elsevier, vol. 99(C), pages 45-54.
    16. Hausken, Kjell, 2008. "Strategic defense and attack for reliability systems," Reliability Engineering and System Safety, Elsevier, vol. 93(11), pages 1740-1750.
    17. Gregory Levitin & Kjell Hausken, 2012. "Resource Distribution in Multiple Attacks with Imperfect Detection of the Attack Outcome," Risk Analysis, John Wiley & Sons, vol. 32(2), pages 304-318, February.
    18. Bier, Vicki M. & Hausken, Kjell, 2013. "Defending and attacking a network of two arcs subject to traffic congestion," Reliability Engineering and System Safety, Elsevier, vol. 112(C), pages 214-224.
    19. Huseyin Cavusoglu & Srinivasan Raghunathan, 2004. "Configuration of Detection Software: A Comparison of Decision and Game Theory Approaches," Decision Analysis, INFORMS, vol. 1(3), pages 131-148, September.
    20. Hausken, Kjell, 2007. "Information sharing among firms and cyber attacks," Journal of Accounting and Public Policy, Elsevier, vol. 26(6), pages 639-688.
    Full references (including those not matched with items on IDEAS)

    Citations

    Citations are extracted by the CitEc Project, subscribe to its RSS feed for this item.
    as


    Cited by:

    1. Meng, Xueyu & Cai, Zhiqiang & Si, Shubin & Duan, Dongli, 2021. "Analysis of epidemic vaccination strategies on heterogeneous networks: Based on SEIRV model and evolutionary game," Applied Mathematics and Computation, Elsevier, vol. 403(C).
    2. Ding, Weiyong & Xu, Maochao & Huang, Yu & Zhao, Peng, 2020. "Cyber risks of PMU networks with observation errors: Assessment and mitigation," Reliability Engineering and System Safety, Elsevier, vol. 198(C).
    3. Talarico, Luca & Reniers, Genserik & Sörensen, Kenneth & Springael, Johan, 2015. "MISTRAL: A game-theoretical model to allocate security measures in a multi-modal chemical transportation network with adaptive adversaries," Reliability Engineering and System Safety, Elsevier, vol. 138(C), pages 105-114.
    4. Chuanxi Cai & Shue Mei & Weijun Zhong, 2019. "Configuration of intrusion prevention systems based on a legal user: the case for using intrusion prevention systems instead of intrusion detection systems," Information Technology and Management, Springer, vol. 20(2), pages 55-71, June.
    5. Krishna Kalyanam & David Casbeer & Meir Pachter, 2020. "A sequential partial information bomber‐defender shooting problem," Naval Research Logistics (NRL), John Wiley & Sons, vol. 67(3), pages 223-235, April.
    6. Xing Gao & Weijun Zhong, 2016. "A differential game approach to security investment and information sharing in a competitive environment," IISE Transactions, Taylor & Francis Journals, vol. 48(6), pages 511-526, June.

    Most related items

    These are the items that most often cite the same works as this one and are cited by the same works as this one.
    1. Xing Gao & Weijun Zhong & Shue Mei, 2013. "Information Security Investment When Hackers Disseminate Knowledge," Decision Analysis, INFORMS, vol. 10(4), pages 352-368, December.
    2. Xing Gao & Weijun Zhong & Shue Mei, 2015. "Security investment and information sharing under an alternative security breach probability function," Information Systems Frontiers, Springer, vol. 17(2), pages 423-438, April.
    3. Ding, Tao & Yao, Li & Li, Fangxing, 2018. "A multi-uncertainty-set based two-stage robust optimization to defender–attacker–defender model for power system protection," Reliability Engineering and System Safety, Elsevier, vol. 169(C), pages 179-186.
    4. R Peng & G Levitin & M Xie & S H Ng, 2011. "Optimal defence of single object with imperfect false targets," Journal of the Operational Research Society, Palgrave Macmillan;The OR Society, vol. 62(1), pages 134-141, January.
    5. Yan, Xihong & Ren, Xiaorong & Nie, Xiaofeng, 2022. "A budget allocation model for domestic airport network protection," Socio-Economic Planning Sciences, Elsevier, vol. 82(PB).
    6. Szidarovszky, Ferenc & Luo, Yi, 2014. "Incorporating risk seeking attitude into defense strategy," Reliability Engineering and System Safety, Elsevier, vol. 123(C), pages 104-109.
    7. Levitin, Gregory & Hausken, Kjell, 2008. "Protection vs. redundancy in homogeneous parallel systems," Reliability Engineering and System Safety, Elsevier, vol. 93(10), pages 1444-1451.
    8. Ben Yaghlane, Asma & Azaiez, M. Naceur, 2017. "Systems under attack-survivability rather than reliability: Concept, results, and applications," European Journal of Operational Research, Elsevier, vol. 258(3), pages 1156-1164.
    9. Kjell Hausken & Gregory Levitin, 2008. "Efficiency of Even Separation of Parallel Elements with Variable Contest Intensity," Risk Analysis, John Wiley & Sons, vol. 28(5), pages 1477-1486, October.
    10. Shan, Xiaojun & Zhuang, Jun, 2018. "Modeling cumulative defensive resource allocation against a strategic attacker in a multi-period multi-target sequential game," Reliability Engineering and System Safety, Elsevier, vol. 179(C), pages 12-26.
    11. Ye, Zhi-Sheng & Peng, Rui & Wang, Wenbin, 2017. "Defense and attack of performance-sharing common bus systemsAuthor-Name: Zhai, Qingqing," European Journal of Operational Research, Elsevier, vol. 256(3), pages 962-975.
    12. Xing Gao & Weijun Zhong, 2016. "A differential game approach to security investment and information sharing in a competitive environment," IISE Transactions, Taylor & Francis Journals, vol. 48(6), pages 511-526, June.
    13. Levitin, Gregory & Hausken, Kjell, 2010. "Separation in homogeneous systems with independent identical elements," European Journal of Operational Research, Elsevier, vol. 203(3), pages 625-634, June.
    14. Zhang, Jing & Zhuang, Jun & Jose, Victor Richmond R., 2018. "The role of risk preferences in a multi-target defender-attacker resource allocation game," Reliability Engineering and System Safety, Elsevier, vol. 169(C), pages 95-104.
    15. Levitin, Gregory & Hausken, Kjell, 2009. "False targets efficiency in defense strategy," European Journal of Operational Research, Elsevier, vol. 194(1), pages 155-162, April.
    16. Xing Gao & Weijun Zhong, 2015. "Information security investment for competitive firms with hacker behavior and security requirements," Annals of Operations Research, Springer, vol. 235(1), pages 277-300, December.
    17. Hausken, Kjell, 2017. "Defense and attack for interdependent systems," European Journal of Operational Research, Elsevier, vol. 256(2), pages 582-591.
    18. Levitin, Gregory & Hausken, Kjell, 2009. "Parallel systems under two sequential attacks," Reliability Engineering and System Safety, Elsevier, vol. 94(3), pages 763-772.
    19. Chen, Die & Xu, Maochao & Shi, Weidong, 2018. "Defending a cyber system with early warning mechanism," Reliability Engineering and System Safety, Elsevier, vol. 169(C), pages 224-234.
    20. Levitin, Gregory & Hausken, Kjell, 2009. "Meeting a demand vs. enhancing protections in homogeneous parallel systems," Reliability Engineering and System Safety, Elsevier, vol. 94(11), pages 1711-1717.

    Corrections

    All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:eee:reensy:v:119:y:2013:i:c:p:35-43. See general information about how to correct material in RePEc.

    If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.

    If CitEc recognized a bibliographic reference but did not link an item in RePEc to it, you can help with this form .

    If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.

    For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: Catherine Liu (email available below). General contact details of provider: https://www.journals.elsevier.com/reliability-engineering-and-system-safety .

    Please note that corrections may take a couple of weeks to filter through the various RePEc services.

    IDEAS is a RePEc service. RePEc uses bibliographic data supplied by the respective publishers.