In this paper we propose and discuss a game-theoretic framework for (a) evaluating security vulnerability, (b) quantifying the corresponding Pareto optimal vulnerability/cost tradeo®, and (c) identifying the optimal operating point on this Pareto optimal frontier. We discuss our framework in the context of a °ow-level model of Supply-Demand (S-D) network where we assume a sophisticated attacker attempting to disrupt the network °ow. The vulnerability metric is determined by the Nash equilibrium payoff of the corresponding game. The vulnerability/cost tradeoff is derived by assuming that the "network" can reduce the security vulnerability at the cost of using more expensive flows and the optimal operating point is determined by the "network" preferences with respect to vulnerability and cost. We illustrate the proposed framework on examples through numerical investigations.
Proceedings Title: GameSec 2012, the third Conference on Decision and Game Theory for Security
Conference Dates: November 5-6, 2012
Conference Location: Budapest, -1
Conference Title: GameSec
Pub Type: Conferences
Network Security Vulnerability, Network Security Cost, Vulnerability/Cost Tradeoff, Game Theoretic Model