Are security experts useful? Bayesian Nash equilibria for network security games with limited information

Benjamin Johnson, Jens Grossklags, Nicolas Christin, John Chuang

Research output: Chapter in Book/Report/Conference proceedingConference contribution

16 Scopus citations

Abstract

A common assumption in security research is that more individual expertise unambiguously leads to a more secure overall network. We present a game-theoretic model in which this common assumption does not hold. Our findings indicate that expert users can be not only invaluable contributors, but also free-riders, defectors, and narcissistic opportunists. A direct application is that user education needs to highlight the cooperative nature of security, and foster the community sense, in particular, of higher skilled computer users. As a technical contribution, this paper represents, to our knowledge, the first formal study to quantitatively assess the impact of different degrees of information security expertise on the overall security of a network.

Original languageEnglish (US)
Title of host publicationComputer Security, ESORICS 2010 - 15th European Symposium on Research in Computer Security, Proceedings
Pages588-606
Number of pages19
DOIs
StatePublished - Nov 8 2010
Event15th European Symposium on Research in Computer Security, ESORICS 2010 - Athens, Greece
Duration: Sep 20 2010Sep 22 2010

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume6345 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Other

Other15th European Symposium on Research in Computer Security, ESORICS 2010
CountryGreece
CityAthens
Period9/20/109/22/10

All Science Journal Classification (ASJC) codes

  • Theoretical Computer Science
  • Computer Science(all)

Fingerprint Dive into the research topics of 'Are security experts useful? Bayesian Nash equilibria for network security games with limited information'. Together they form a unique fingerprint.

  • Cite this

    Johnson, B., Grossklags, J., Christin, N., & Chuang, J. (2010). Are security experts useful? Bayesian Nash equilibria for network security games with limited information. In Computer Security, ESORICS 2010 - 15th European Symposium on Research in Computer Security, Proceedings (pp. 588-606). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 6345 LNCS). https://doi.org/10.1007/978-3-642-15497-3_36