Optimal Security Investments in a Prevention and Detection Game

ABSTRACT: Most security defenses can be breached by motivated adversaries, therefore in addition to attack-prevention technologies, firms investing in cyber-security for their information technology infrastructure need to consider attack-detection and restoration tools to detect intruders, and restore their system to a safe condition. Attackers face similar investment alternatives; they need to invest resources to  finding vulnerabilities in a protected system, and once the protection has been broken, they need to invest in the infrastructure necessary to exploit these attacks and maintain stealthy persistence in the compromised infrastructure. We model this dual considerations as a dynamic programming problem between attackers and defenders and then study the Nash equilibrium of this game. Our goal is to  find models and alternatives that can help us understand optimal security investments in prevention and detection against advanced rational adversaries.

Carlos Barreto (S’07–M’13–GSM’14) received the B.S. degree in electronic engineering from the Universidad Distrital Francisco José de Caldas, Bogotá, Colombia, in 2011, and the M.S. degree in electronic engineering from the Universidad de los Andes, Bogotá, in 2013. He is currently pursuing the Ph.D. degree with the Department of Computer Science, University of Texas at Dallas, Richardson, TX, USA. From 2013 to 2014, he was a Young Researcher with the Department of Electrical and Electronics Engineering, Universidad de los Andes. Since 2014, he has been a Research Assistant with the University of Texas at Dallas. His current research interests include cyber-physical systems security, distributed resource allocation, and game theoretic methods with applications to smart grids

Alvaro Cárdenas (M’06) received the B.S. degree in electrical engineering with a minor in mathematics from the Universidad de los Andes, Bogotá, Colombia, in 2000, and the M.S. and Ph.D. degrees in electrical and computer engineering from the University of Maryland, College Park, MD, in 2002 and 2006, respectively. He is currently an Assistant Professor of Computer Science with the University of Texas at Dallas. His research interests include cyber-physical systems security and network security.

Alain Bensoussan (SM’83–F’86) is the Ashbel Smith Professor and the Director of the International Center for Decision and Risk Analysis (ICDRiA), University of Texas at Dallas, Richardson, TX, USA. He is also the Chair Professor of risk and decision analysis with the City University Hong Kong, Kowloon Tong, Hong Kong. He is Professor Emeritus at the University Paris Dauphine. He has an extensive research background in stochastic control, risk analysis, and inventory control. He has published 13 books and more than 400 papers in journals and conference proceedings. He develops a comprehensive approach to risk analysis, to apprehend technical and socioeconomic risks simultaneously. He has experience in aerospace and information technology industries. His main current research interests include the energy sector, real options, revenue management, and mean field control. Prof. Bensoussan served as the President of the National Institute for Research in Computer Science and Control (INRIA) from 1984 to 1996; the President of the French Space Agency (CNES) from 1996 to 2003; and the Chairman of the European Space Agency (ESA) Council from 1999 to 2002. He was World Class University Distinguished Professor at Ajou University, from 2010 to 2013. He is a member of the French Academy of Sciences, French Academy of Technology, Academia Europae, and International Academy of Astronautics. He is a Fellow of the American Mathematical Society and the Society for Industrial and Applied Mathematics, and received the Von Humboldt award and the NASA public service medal. He is a decorated Officer of Legion d’Honneur, Commandeur Ordre National du Merite, and Officer Bundes Verdienst Kreuz.