Cyber-investment and cyber-information exchange decision modeling

Proceedings - 2015 IEEE 17th International Conference on High Performance Computing and Communications, 2015 IEEE 7th International Symposium on Cyberspace Safety and Security and 2015 IEEE 12th International Conference on Embedded Software and Systems, HPCC-CSS-ICESS 2015

Volumn , Issue , 2015, Pages 1219-1224

  Tosh, Deepak K ^a   Molloy, Matthew ^a   Sengupta, Shamik ^a   Kamhoua, Charles A ^b   Kwiat, Kevin A ^b  

^a University of Nevada   (United States)

^b AIR FORCE RESEARCH LABORATORY   (United States)

Author keywords

Bismuth; Computer security; Games; Information management; Investment; Robustness

Indexed keywords

BISMUTH; COMPUTER GAMES; COMPUTERS; EMBEDDED SOFTWARE; EMBEDDED SYSTEMS; GAME THEORY; INFORMATION ANALYSIS; INFORMATION MANAGEMENT; INVESTMENTS; PROBABILITY; ROBUSTNESS (CONTROL SYSTEMS); SECURITY OF DATA;

COUPLED CONSTRAINTS; CYBER INFORMATION; DECISION MODELING; GAMES; INFORMATION EXPLOITATION; INFORMATION SHARING; NONCOOPERATIVE GAME; SECURITY INVESTMENTS;

INFORMATION DISSEMINATION;

EID: 84961696236     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/HPCC-CSS-ICESS.2015.264     Document Type: Conference Paper

References (20)

1. E. Gal-Or and A. Ghose, "The economic consequences of sharing security information. " Economics of information security, vol. 12, pp. 95-105, 2004.
2. K. Hausken, "Information sharing among firms and cyber attacks, " Journal of Accounting and Public Policy, vol. 26, pp. 639-688, 2007.
3. M. Kadivar, "Cyber-attack attributes, " Technology Innovation Management Review, p. 22, 2014.
4. E. A. Fischer, E. C. Liu, J. W. Rollins, and C. A. Theohary, "The 2013 cybersecurity executive order: Overview and considerations for congress, " 2013.
5. "Cybersecurity information sharing act of 2015, https://www. congress. gov/114/bills/s754/bills-114s754pcs. pdf. "
6. P. Kampanakis, "Security automation and threat information-sharing options, " Security & Privacy, IEEE, vol. 12, no. 5, pp. 42-51, 2014.
7. A. Rutkowski, Y. Kadobayashi, I. Furey, D. Rajnovic, R. Martin, T. Takahashi, C. Schultz, G. Reid, G. Schudel, M. Hird, and S. Adegbite, "Cybex: The cybersecurity information exchange framework (x. 1500), " SIGCOMM Comput. Commun. Rev., vol. 40, no. 5, pp. 59-64, Oct. 2010. [Online]. Available: http://doi. acm. org/10. 1145/1880153. 1880163
8. http://fcw. com/articles/2014/08/06/what-keeps-darpa-up-at-night. aspx.
9. L. A. Gordon, M. P. Loeb, and W. Lucyshyn, "Sharing information on computer systems security: An economic analysis, " Journal of Accounting and Public Policy, vol. 22, no. 6, pp. 461-485, 2003.
10. D. Liu, Y. Ji, and V. Mookerjee, "Knowledge sharing and investment decisions in information security, " Decision Support Systems, vol. 52, no. 1, pp. 95-107, 2011. [Online]. Available: http://www. sciencedirect. com/science/article/pii/S0167923611001151
11. M. Khouzani, V. Pham, and C. Cid, "Strategic discovery and sharing of vulnerabilities in competitive environments, " in Decision and Game Theory for Security. Springer, 2014, pp. 59-78.
12. S. Bowles, Microeconomics: behavior, institutions, and evolution. Princeton University Press, 2009.
13. W. Bossert and Y. Sprumont, "Non-deteriorating choice, " Economica, vol. 76, no. 302, pp. 337-363, 2009.
14. J. Apesteguia and M. A. Ballester, "A measure of rationality and welfare, " Working Papers (Universitat Pompeu Fabra. Departamento de Econom?a y Empresa), no. 1220, p. 1, 2010.
15. D. K. Tosh, S. Sengupta, C. Kamhoua, K. A. Kwiat, and A. Martin, "An evolutionary game-theoretic framework for cyber-threat information sharing, " in Proceedings of the IEEE International Conference on Communications (ICC), 2015.
16. R. Litzenberger and M. Rubinstein, "The strong case for the generalized logarithmic utility model as the premier model of financial markets, " The Journal of Finance, vol. 31, no. 2, pp. 551-571, 1976.
17. L. L. Kupper, C. Portier, M. D. Hogan, and E. Yamamoto, "The impact of litter effects on dose-response modeling in teratology, " Biometrics, pp. 85-98, 1986.
18. P. Teunis and A. Havelaar, "The beta poisson dose-response model is not a single-hit model, " Risk Analysis, vol. 20, no. 4, pp. 513-520, 2000.
19. S. Anand, S. Sengupta, and R. Chandramouli, "An attack-defense game theoretic analysis of multi-band wireless covert timing networks, " in INFOCOM, 2010 Proceedings IEEE. IEEE, 2010, pp. 1-9.
20. M. H. Fleming and E. Goldstein, "Metrics for measuring the efficacy of critical-infrastructure-centric cybersecurity information sharing efforts, " Available at SSRN 2201033, 2012.