Dynamic Network Security Deployment Under Partial Information
Baras, John, S.
Date: September 23 - September 26, 2008
A network user’s decision to start and continue using security products is based on economic considerations. The cost of a security compromise (e.g., worm infection) is compared against the cost of deploying and maintaining a sufficient level of security. These costs are not necessarily the real ones, but rather the perceived costs, which depend on the amount of information available to a user at each time. Moreover, the costs (whether real or perceived) depend on the decisions of other users, too: The probability of a user getting infected depends on the security deployed by all the other users. In this paper, we combine an epidemic model for malware propagation in a network with a game theoretic model of the users’ decisions to deploy security or not. Users can dynamically change their decision in order to maximize their currently perceived utility. We study the equilibrium points and their dependence on the speed of the learning process through which the users learn the state of the network. We find that the faster the learning process, the higher the total network cost.