Are we compromised? Modelling security assessment games

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

Volumn 7638 LNCS, Issue , 2012, Pages 234-247

  Pham, Viet ^a   Cid, Carlos ^a  

^a UNIVERSITY OF LONDON   (United Kingdom)

Author keywords

[No Author keywords available]

Indexed keywords

DIGITAL ASSETS; GAME-THEORETIC; INTEGRAL PART; IT INFRASTRUCTURES; SECURITY ASSESSMENT;

CRITICAL INFRASTRUCTURES;

GAME THEORY;

EID: 84869444399     PISSN: 03029743     EISSN: 16113349     Source Type: Book Series    
DOI: 10.1007/978-3-642-34266-0_14     Document Type: Conference Paper

References (15)

1. Bejtlich, R.: Testimony before the USCC Hearing on "Developments in China's Cyber and Nuclear Capabilities" (March 26, 2012), http://www.uscc.gov/hearings/2012hearings/written testimonies/hr12 03 26.php
2. Billo, C.G.: Cyber warfare: An analysis of the means and motivations of selected nation states. Technical report, Institute for Security Technology Studies at Darthmouth College (2004)
3. Böhme, R., Félegyházi, M.: Optimal Information Security Investment with Penetration Testing. In: Alpcan, T., Buttyán, L., Baras, J.S. (eds.) GameSec 2010. LNCS, vol. 6442, pp. 21-37. Springer, Heidelberg (2010)
4. Böhme, R., Moore, T.: The iterated weakest link: A model of adaptive security investment. In: Workshop on the Economics of Information Security, WEIS (2009)
5. Chabrow, E.: Identifying undetected breaches identifying undetected breaches: How data scientists analyze big data to spot vulnerabilities (April 20, 2012), http://www.bankinfosecurity.co.uk/interviews/identifying-undetected- breaches-i-1542
6. Coviello, A.: Open letter to RSA customers (March 17, 2011), http://www.rsa.com/node.aspx?id=3872
7. Gordon, L.A., Loeb, M.P.: The economics of information security investment. ACM Transactions in Information System Security 5(4), 438-457 (2002)
8. Kunreuther, H., Heal, G.: Interdependent Security. Journal of Risk and Uncertainty 26(2), 231-249 (2007)
9. Langner, R.: Stuxnet: Dissecting a cyber warfare weapon. IEEE Security & Privacy 9(3), 49-51 (2011)
10. Manshaei, M.H., Zhu, Q., Alpcan, T., Basar, T., Hubaux, J.: Game Theory Meets Network Security and Privacy. Technical report, EPFL (2010)
11. National Institute of Standards and Technology. Technical Guide to Information Security Testing and Assessment. Special Publication 800-115 (2008)
12. National Institute of Standards and Technology. Recommended security controls for federal information systems and organizations. Special Publication 800-53 (2009)
13. Raya, M., Shokri, R., Hubaux, J.: On the tradeoff between trust and privacy in wireless ad hoc networks. In: Proceedings of the Third ACM Conference onWireless Network Security, WiSec 2010, pp. 75-80. ACM, New York (2010)
14. van Dijk, M., Juels, A., Oprea, A., Rivest, R.L.: Flipit: The game of "stealthy takeover". Cryptology ePrint Archive, Report 2012/103 (2012)
15. Vijayan, J.: Breach, undetected since 2005, exposes data on Kingston customers (July 17, 2007), http://www.computerworld.com/s/article/9027220/ Breach-undetected-since-05-exposes-data-on-Kingston-customers