Jens Grossklags, Benjamin Johnson, Nicolas Christin
Citation
Jens Grossklags, Benjamin Johnson, Nicolas Christin. "The Price of Uncertainty in Security Games". Proceedings (online) of the 8th Workshop on Economics of Information Security, June, 2009.
Abstract
In the realm of information security, lack of information about other users’ incentives in a network can lead to inefficient security choices and reductions in individuals’ payoffs. We propose, contrast and compare three metrics for measuring the price of uncertainty due to the departure from the payoff-optimal security outcomes under complete information. Per the analogy with other efficiency metrics, such as the price of anarchy, we define the price of uncertainty as the maximum discrepancy in expected payoff in a complete information environment versus the payoff in an incomplete information environment. We consider difference, payoff-ratio, and cost-ratio metrics as canonical nontrivial measurements of the price of uncertainty.
We conduct an algebraic, numerical, and graphical analysis of these metrics applied to different well-studied security scenarios proposed in prior work (i.e., best shot, weakest-link, and total effort). In these scenarios, we study how a fully rational expert agent could utilize the metrics to decide whether to gather information about the economic incentives of multiple nearsighted and naive agents. We find substantial differences between the various metrics and evaluate the appropriateness for security choices in networked systems.
Electronic downloads
| Citation formats |
- HTML
Jens Grossklags, Benjamin Johnson, Nicolas Christin. <a href="http://www.truststc.org/pubs/659.html" >The Price of Uncertainty in Security Games</a>, Proceedings (online) of the 8th Workshop on Economics of Information Security, June, 2009.
- Plain text
Jens Grossklags, Benjamin Johnson, Nicolas Christin. "The Price of Uncertainty in Security Games". Proceedings (online) of the 8th Workshop on Economics of Information Security, June, 2009.
- BibTeX
@inproceedings{GrossklagsJohnsonChristin09_PriceOfUncertaintyInSecurityGames, author = {Jens Grossklags and Benjamin Johnson and Nicolas Christin}, title = {The Price of Uncertainty in Security Games}, booktitle = {Proceedings (online) of the 8th Workshop on Economics of Information Security}, month = {June}, year = {2009}, abstract = {In the realm of information security, lack of information about other users’ incentives in a network can lead to inefficient security choices and reductions in individuals’ payoffs. We propose, contrast and compare three metrics for measuring the price of uncertainty due to the departure from the payoff-optimal security outcomes under complete information. Per the analogy with other efficiency metrics, such as the price of anarchy, we define the price of uncertainty as the maximum discrepancy in expected payoff in a complete information environment versus the payoff in an incomplete information environment. We consider difference, payoff-ratio, and cost-ratio metrics as canonical nontrivial measurements of the price of uncertainty. We conduct an algebraic, numerical, and graphical analysis of these metrics applied to different well-studied security scenarios proposed in prior work (i.e., best shot, weakest-link, and total effort). In these scenarios, we study how a fully rational expert agent could utilize the metrics to decide whether to gather information about the economic incentives of multiple nearsighted and naive agents. We find substantial differences between the various metrics and evaluate the appropriateness for security choices in networked systems.}, URL = {http://www.truststc.org/pubs/659.html} }
Posted by Nicolas Christin on 28 Mar 2010.
For additional information, see the
Publications FAQ or
contact webmaster at www truststc org.
Notice: This material is presented to ensure timely dissemination of scholarly and technical work. Copyright and all rights therein are retained by authors or by other copyright holders. All persons copying this information are expected to adhere to the terms and constraints invoked by each author's copyright.