Power Indices and Security Investment Game
ABSTRACT The objective of this proposed work is to better understand the challenge of making network security investment decisions. Game theorists have long investigated related problems stemming from voting and coalition building, and there are two well-known allocation strategies that have resulted from this research – the Shapley-Shubik Value (SSV) and the Banzhaf Power Index (BPI). Our idea is to take these two strategies as a starting point and pit them (as well as variations on these canonical strategies) against each other in a simple network security scenario. Specifically, we have them play the famous “Colonel Blotto” game, in which attacker and defender must decide how to allocate resources across a set of contended assets. |
Given that network security investment decisions must be made in a context of finite resources, we characterize potential tensions between performance and allocation efficiency (i.e., not wasting resources), and then distill insights from our analyses that can be applied to real-world security allocation problems.
Slides found here.
BIO
David Burke is a Principal Scientist at Galois, Inc., where he leads the machine cognition research program, investigating techniques for integrating human decision-making with machine intelligence (and vice versa). Since joining Galois in 2004, his work has included conducting research into logics for reasoning about trust in the design of secure systems, approaches for ensuring robust decision-making in multi-agent systems, and the development of hybrid AI techniques for system security. His recent experience include PI roles on vaious DARPA, AFRL, and DoD-funded projects focused on adaptive human-machine teaming, techniques for reasoning under conditions of extreme uncertainty, and adversarial modeling for cybersecurity. Other research interests include machine ethics, game theory and bio-inspired AI.