Network Security and Contagion
We develop a theoretical model of security investments in a network of interconnected agents. Network connections introduce the possibility of cascading failures due to an exogenous or endogenous attack depending on the profile of security investments by the agents. The general presumption in the literature, based on intuitive arguments or analysis of symmetric networks, is that because security investments create positive externalities on other agents, there will be underinvestment in security. We show that this reasoning is incomplete because of a first-order economic force: security investments are also strategic substitutes. In a general (non-symmetric) network, this implies that underinvestment by some agents will encourage overinvestment by others. We demonstrate by means of examples that there can be overinvestment by some agents and also that aggregate probabilities of infection can be lower in equilibrium compared to the social optimum. We then provide sufficient conditions for underinvestment. This requires both sufficiently convex cost functions (convexity alone is not enough) and networks that are either symmetric or locally tree-like. We also characterize the impact of network structure on equilibrium and optimal investments. Finally, we show that when the attack location is endogenized (by assuming that the attacker chooses a probability distribution over the location of the attack in order to maximize damage), there is an additional incentive for overinvestment: greater investment by an agent shifts the attack to other parts of the network.
|Date of creation:||Jun 2013|
|Contact details of provider:|| Postal: National Bureau of Economic Research, 1050 Massachusetts Avenue Cambridge, MA 02138, U.S.A.|
Web page: http://www.nber.org
More information through EDIRC
References listed on IDEAS
Please report citation or reference errors to , or , if you are the registered author of the cited work, log in to your RePEc Author Service profile, click on "citations" and make appropriate adjustments.:
- Vega-Redondo,Fernando, 2007. "Complex Social Networks," Cambridge Books, Cambridge University Press, number 9780521857406, December.
- Dan Kovenock & Brian Roberson, 2010. "The Optimal Defense of Networks of Targets," Purdue University Economics Working Papers 1251, Purdue University, Department of Economics.
- Daron Acemoglu & Asuman Ozdaglar & Alireza Tahbaz-Salehi, 2015.
"Systemic Risk and Stability in Financial Networks,"
American Economic Review,
American Economic Association, vol. 105(2), pages 564-608, February.
- Matthew O. Jackson & Asher Wolinsky, 1994.
"A Strategic Model of Social and Economic Networks,"
1098, Northwestern University, Center for Mathematical Studies in Economics and Management Science.
- Goldman Steven Marc & Lightwood James, 2002.
"Cost Optimization in the SIS Model of Infectious Disease with Treatment,"
The B.E. Journal of Economic Analysis & Policy,
De Gruyter, vol. 2(1), pages 1-24, April.
- Goldman, Steven M. & Lightwood, James, 1996. "Cost Optimization in the SIS Model of Infectious Disease with Treatment," Department of Economics, Working Paper Series qt0r88q87t, Department of Economics, Institute for Business and Economic Research, UC Berkeley.
- Steven M. Goldman and James Lightwood., 1996. "Cost Optimization in the SIS Model of Infectious Disease with Treatment," Economics Working Papers 96-245, University of California at Berkeley.
- Geoffard, Pierre-Yves & Philipson, Tomas, 1997. "Disease Eradication: Private versus Public Vaccination," American Economic Review, American Economic Association, vol. 87(1), pages 222-230, March.
- Heski Bar-Isaac & Mariagiovanna Baccara, 2006. "How to Organize Crime," Working Papers 06-07, New York University, Leonard N. Stern School of Business, Department of Economics.
- Venkatesh Bala & Sanjeev Goyal, 2000. "A Noncooperative Model of Network Formation," Econometrica, Econometric Society, vol. 68(5), pages 1181-1230, September.
- Vega-Redondo,Fernando, 2007. "Complex Social Networks," Cambridge Books, Cambridge University Press, number 9780521674096, December.
- Benjamin Golub & Matthew O. Jackson, 2012. "How Homophily Affects the Speed of Learning and Best-Response Dynamics," The Quarterly Journal of Economics, Oxford University Press, vol. 127(3), pages 1287-1338.
- de Meza, David & Gould, J R, 1992. "The Social Efficiency of Private Decisions to Enforce Property Rights," Journal of Political Economy, University of Chicago Press, vol. 100(3), pages 561-580, June.
- Brito, Dagobert L. & Sheshinski, Eytan & Intriligator, Michael D., 1991. "Externalities and compulsary vaccinations," Journal of Public Economics, Elsevier, vol. 45(1), pages 69-90, June.
- Larson, Nathan, 2011. "Network security," MPRA Paper 32822, University Library of Munich, Germany.
When requesting a correction, please mention this item's handle: RePEc:nbr:nberwo:19174. See general information about how to correct material in RePEc.
For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: ()
If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.
If references are entirely missing, you can add them using this form.
If the full references list an item that is present in RePEc, but the system did not link to it, you can help with this form.
If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your profile, as there may be some citations waiting for confirmation.
Please note that corrections may take a couple of weeks to filter through the various RePEc services.