Decision and Game Theory for Security

Securing complex and networked systems has become increasingly important as these systems play an indispensable role in modern life at the turn of the - formation age. Concurrently, security of ubiquitous communication, data, and computing poses novel research challenges. Security is a multi-faceted problem due to the complexity of underlying hardware, software, and network inter- pendencies as well as human and social factors. It involves decision making on multiple levels and multiple time scales, given the limited resources available to both malicious attackers and administrators defending networked systems. - cision and game theory provides a rich set of analyticalmethods and approaches to address various resource allocation and decision-making problems arising in security. This edited volume contains the contributions presented at the inaugural Conference on Decision and Game Theory for Security - GameSec 2010. These 18 articles (12 full and 6 short papers) are thematically categorized into the following six sections: Security investments and planning contains two articles, which present optimization methods for (security) investments when facing adversaries. Privacy and anonymity has three articles discussing location privacy, - line anonymity, and economic aspects of privacy. Adversarial and robust control contains three articles, which investigate security and robustness aspects of control in networks. Networksecurityandbotnetshasfourarticlesfocusingondefensivestra- giesagainstbotnetsaswellasdetectionofmaliciousadversariesinnetworks. Authorizationandauthenticationhasanarticleonpasswordpracticesand another one presenting a game-theoretic authorization model. Theory and algorithms for security containsfour articles on various th- retic and algorithmic aspects of security.

Fast-track conference proceedings State-of-the-art research Up-to-date results

Klappentext

This book constitutes the refereed proceedings of the First International Conference on Decision and Game Theory for Security, GameSec 2010, held in Berlin, Germany, in November 2010. The 12 revised full papers and 6 revised short papers presented were carefully reviewed and selected from numerous submissions and focus on analytical models based on game, information, communication, optimization, decision, and control theories that are applied to diverse security topics. The papers are organized in topical sections on security investments and planning, privacy and anonymity, adversarial and robust control, network security and botnets, authorization and authentication, as well as theory and algorithms for security.

Inhalt
Security Investments and Planning.- Design of Network Topology in an Adversarial Environment.- Optimal Information Security Investment with Penetration Testing.- Privacy and Anonymity.- Tracking Games in Mobile Networks.- gPath: A Game-Theoretic Path Selection Algorithm to Protect Tor's Anonymity.- When Do Firms Invest in Privacy-Preserving Technologies?.- Adversarial and Robust Control.- Adversarial Control in a Delay Tolerant Network.- Security Interdependencies for Networked Control Systems with Identical Agents.- Robust Control in Sparse Mobile Ad-Hoc Networks.- Network Security and Botnets.- A Game-Theoretical Approach for Finding Optimal Strategies in a Botnet Defense Model.- ISPs and Ad Networks Against Botnet Ad Fraud.- A Localization Game in Wireless Sensor Networks.- Effective Multimodel Anomaly Detection Using Cooperative Negotiation.- Authorization and Authentication.- The Password Game: Negative Externalities from Weak Password Practices.- Towards a Game Theoretic Authorisation Model.- Theory and Algorithms for Security.- Disperse or Unite? A Mathematical Model of Coordinated Attack.- Uncertainty in Interdependent Security Games.- AttackDefense Trees and Two-Player Binary Zero-Sum Extensive Form Games Are Equivalent.- Methods and Algorithms for Infinite Bayesian Stackelberg Security Games.