Becoming Cybercriminals: Incentives in Networks with Interdependent Security
Aron Laszka, Galina A. Schwartz

Citation
Aron Laszka, Galina A. Schwartz. "Becoming Cybercriminals: Incentives in Networks with Interdependent Security". 7th Conference on Decision and Game Theory for Security (GameSec), November, 2016.

Abstract
We study users’ incentives to become cybercriminals when network security is interdependent. We present a game-theoretic model in which each player (i.e., network user) decides his type, honest or malicious. Honest users represent law-abiding network users, while malicious users represent cybercriminals. After deciding on their types, the users make their security choices. We will follow [29], where breach probabilities for large-scale networks are obtained from a standard interdependent security (IDS) setup. In large-scale IDS networks, the breach probability of each player becomes a function of two variables: the player’s own security action and network security, which is an aggregate characteristic of the network; network security is computed from the security actions of the individual nodes that comprise the network. This allows us to quantify user security choices in networks with IDS even when users have only very limited, aggregate information about security choices of other users of the network.

Electronic downloads

Citation formats  
  • HTML
    Aron Laszka, Galina A. Schwartz. <a
    href="http://www.cps-forces.org/pubs/250.html"
    >Becoming Cybercriminals: Incentives in Networks with
    Interdependent Security</a>, 7th Conference on
    Decision and Game Theory for Security (GameSec), November,
    2016.
  • Plain text
    Aron Laszka, Galina A. Schwartz. "Becoming
    Cybercriminals: Incentives in Networks with Interdependent
    Security". 7th Conference on Decision and Game Theory
    for Security (GameSec), November, 2016.
  • BibTeX
    @inproceedings{LaszkaSchwartz16_BecomingCybercriminalsIncentivesInNetworksWithInterdependent,
        author = {Aron Laszka and Galina A. Schwartz},
        title = {Becoming Cybercriminals: Incentives in Networks
                  with Interdependent Security},
        booktitle = {7th Conference on Decision and Game Theory for
                  Security (GameSec)},
        month = {November},
        year = {2016},
        abstract = {We study usersâ incentives to become
                  cybercriminals when network security is
                  interdependent. We present a game-theoretic model
                  in which each player (i.e., network user) decides
                  his type, honest or malicious. Honest users
                  represent law-abiding network users, while
                  malicious users represent cybercriminals. After
                  deciding on their types, the users make their
                  security choices. We will follow [29], where
                  breach probabilities for large-scale networks are
                  obtained from a standard interdependent security
                  (IDS) setup. In large-scale IDS networks, the
                  breach probability of each player becomes a
                  function of two variables: the playerâs own
                  security action and network security, which is an
                  aggregate characteristic of the network; network
                  security is computed from the security actions of
                  the individual nodes that comprise the network.
                  This allows us to quantify user security choices
                  in networks with IDS even when users have only
                  very limited, aggregate information about security
                  choices of other users of the network.},
        URL = {http://cps-forces.org/pubs/250.html}
    }
    

Posted by Waseem Abbas on 2 Mar 2017.
Groups: forces
For additional information, see the Publications FAQ or contact webmaster at cps-forces org.

Notice: This material is presented to ensure timely dissemination of scholarly and technical work. Copyright and all rights therein are retained by authors or by other copyright holders. All persons copying this information are expected to adhere to the terms and constraints invoked by each author's copyright.