Interdependent Defense Games with Applications to Internet Security at the Level of Autonomous Systems
1.1. Related Work
1.2. Brief Overview of the Article and the Significance of Our Contributions
2. Interdependent Security Games, and a Generalization
2.1. Generalized IDS Games
3. Interdependent Defense Games
3.1. Conditions on Model Parameters
3.2. There Is No PSNE in Any IDD Game with at Most One (Simultaneous) Attack
3.3. Mixed Strategies in IDD Games
3.3.1. A Characterization of the MSNE: Compact Representation of Attacker’s Mixed Strategies
- the joint PMF decomposes as 10
- for all , the parent-family marginal PMFs agree, and
- the sites and the aggressor achieve the same expected cost and utility, respectively, in as in : for all ,
3.4. MSNE of IDD Games with at Most One Simultaneous Attack and Full Transfer Vulnerability
3.4.1. Characterizing the MSNE of Fully Transfer-Vulnerable Single-Attack IDD Games
- if and only if
- , and
- for all i, and .
- if and only if
- , and
- for all i, and with .
- if and only if
- , and
- there exists a non-singleton, non-empty subset , such that if , and the following holds:
- for all , and ,
- for all , and , and in addition, ; and
- for all , and
3.4.2. Some Remarks on the MSNE of Fully Transfer-Vulnerable Single-Attack IDD Games
Security Investment Characteristics
Relation to Network Structure
On the Attacker’s Equilibrium Strategy
- players for which the attacker’s cost-to-expected-loss is higher are “selected” first in the algorithm;
- if the size of that set is t, and there is a lower bound on , and , then is an upper-bound on the number of players that could potentially be attacked;
- if we have a game with homogeneous parameters, then the probability of an attack will be uniform over that set ; and
- all but one of the players in that set invest in security with some non-zero probability, for almost every parameter setting for IDD games satisfying the conditions of Proposition 5.
4. On the Complexity of Computing an MSNE in Single-Attack IDD Games
4.1. Computing All MSNE of Fully Transfer-Vulnerable Single-Attack IDD Games in Polynomial Time
4.2. Hardness Results on Computing MSNE in General Single-Attack IDD Games
4.3. FPTAS to Compute Approximate MSNE of Tree-Like Single-Attack IDD Games
- to demonstrate that a simple heuristic, best-response-gradient dynamics (BRGD), is practically effective in computing an ϵ-MSNE, up to , in a very large class of IDD games with realistic Internet-scale network graphs in a reasonable amount of time for cases in which the transfer vulnerabilities ’s are low;
- to explore the general structural and computational characteristics of (approximate) MSNE in such IDD games, including their dependence on the underlying network structure of the game (and approximation quality); and
- to evaluate and illustrate the effectiveness of an improved version of the simple heuristics, which uses the concept of smooth best-response dynamics (SBRD) for the attacker, for computing ϵ-MSNE for ϵ values that are an order of magnitude lower (i.e., ).
5.1. Computing an ϵ-MSNE Using BRGD
5.1.1. A Single Internet Game
Players’ Equilibrium Behavior
Relation to Network Structure
5.1.2. Randomly-Generated Internet Games
Behavior of the Players
Relation to Network Structure
5.1.3. Case Study: A Randomly-Generated Instance of an IG at -MSNE
Topological Structure of an Attack to the Internet
5.2. A Heuristic to Compute ϵ-MSNE Based on Smooth Best-Response for the Attacker
|Algorithm 1: Heuristic Based on Hybrid of BRGD and Smooth Best-Response Dynamics (SBRD) to Compute an ϵ-MSNE in Single-Attack IDD Games|
5.3. Evaluation of the Hybrid BRGD-SBRD Heuristic on Internet Games
5.3.1. Comparing Running Time of BRGD and the Proposed Hybrid BRGD-SBRD Heuristic
5.3.2. Attacker and Sites’ Equilibrium Behavior
5.3.3. Network Structure of an Attack
6. Future Work, Open Problems, and a Summary of Our Contributions
6.1. Future Work
6.1.1. Attackers Can Affect Transfer Probabilities
6.1.2. Multiple Attackers with Multiple Attacks
6.1.3. Learning IDD Games
6.1.4. Other Open Problems
- What is the computational complexity of the problem of computing equilibria of single-attack IDD games with arbitrary transfer vulnerability? (e.g., a single, multiple or all MSNE? MSNE with particular properties?)
- How is the complexity affected by network structure or restrictions on the aggressors’ available strategies? While we provide FPTAS for approximate MSNE in single-attack IDD games with arbitrary transfer vulnerability values and directed tree graphs over the sites, it is fair to say that there is more work to do in that direction. A particularly interesting question is whether we can establish PPAD-completeness results for arbitrary single-attack IDD games. That would strengthen the hardness (NP-complete) result we present in Section 4.2. The relationship between single-attack IDD games and graphical polymatrix games seems particularly close. Perhaps one may be able to apply existing results on the PPAD-completeness of certain classes of graphical polymatrix games to establish PPAD-completeness in our context. A promising direction is to pursue potential reductions using results such as those of (Cai and Daskalakis , Theorem 1.2) and (Daskalakis et al. , Lemma 6.3) on (graphical) polymatrix games with “strictly competitive games on the edges” and on 3-additive graphical Nash, respectively.
6.2. Summary of Contributions
Conflicts of Interest
|BRGD||best-response gradient dynamics|
|DP||dynamic programming (or program)|
|FPTAS||fully polynomial-time approximation scheme|
|IDD||interdependent security games|
|MSNE||mixed-strategy Nash equilibrium (or equilibria)|
|PSNE||pure-strategy Nash equilibrium (or equilibria)|
|SBRD||smooth best-response dynamics|
|n||number of sites|
|action (pure strategy) of site i: (“invest”) or ("not invest")|
|joint action (pure strategy) for all sites:|
|pure strategy of attacker|
|component of attacker’s pure strategy corresponding to site i (i.e., ):|
|if attacker directly targets site i; otherwise|
|cost to site i of investing in security|
|cost to attacker for directly targeting site i|
|loss to site i should it experience the “bad event”|
|probability that the transfer of the “bad event” will not caught|
|given site i invest in security (i.e., )|
|conditional probability that site i experience the “bad event”|
|given that site i was a direct target (Equation (8))|
|conditional probability that site j experience the “bad event” (Equation (9))|
|as result of a transfer from site i|
|matrix composed of the ’s (Definition 5)|
|ratio of cost to conditional expected loss (Equation (13)):|
|G||directed network graph of sites:|
|set of sites that are parent of site i in G|
|site i’s parent family:|
|set of sites that are children of site i in G|
|site i’s children family:|
|probability that site i is safe from j (Equation (10)):|
|external overall safety of site i (Equation (11)):|
|external overall risk of site i (Equation (11)):|
|cost function of site i (Equation (12)):|
|payoff function of attacker (Equation (16))|
|site i’s individual mixed strategy: probability of investing|
|(i.e., probability assigned to )|
|joint mixed strategy of all sites:|
|P||mixed strategy of attacker|
|probability that attacker directly targets site i:|
|probability of no attack: ; under Assumption 3,|
|compact representation of attacker’s mixed strategy under Assumption 3: ,|
|expected payoff of attacker under Assumption 3 (Equation (44)):|
|external overall risk of site i|
|when the sites in use joint action (Equation (34)):|
Appendix B. Proofs Missing from the Main Body of the Article
Appendix B.1. Proof of Lemma 1
Appendix B.2. Proof of Proposition 1
Appendix B.3. Proof of Proposition 2
- If there is some attack, then for some site , and for all , . In addition, because is consistent with the aggressor’s best response to , we have, using the condition given in Equation (46) above,
- If there is no attack, then . In this case, the site’s best-response conditions imply . From the attacker’s best-response condition we obtain
Appendix B.4. Proof of Proposition 3
Appendix B.5. Proof of Lemma 2
Appendix B.6. Proof of Proposition 4
Appendix B.7. Proof of Proposition 5
- There may not be an attack with probability of no attack equal to one minus the cost-to-conditional expected-loss of all defenders: for all defenders i .
- Every defender has non-zero chance of being attacked directly, and this probability equals the respective defender’s cost-to-conditional expected-loss of defender: for all defenders , .
- Every defender invests some but none does fully, and in particular, the probability a defender does not invest equals the respective cost-to-loss ratio to the attacker: for all defenders , .
- There is always an attack: .
- Every defender has non-zero chance of being attacked directly, and this probability equals the respective defender’s cost-to-conditional expected-loss of defender i: for all defenders , .
- No defender invests fully, and the possible investment probabilities are connected by a 1-d line segment in :
- There is always an attack: .
- There exists a non-singleton, non-empty subset , such that , if , and the following holds.
- No defender outside I invests or is attacked directly: and for all .
- Let . No defender in J invests and the probability of that defender being attacked directly is at most the defender’s cost-to-expected-loss ratio: for all , and ; in addition, .
- Every defender in partially invests and has positive probability of being attacked directly equal to the defender’s cost-to-expected-loss ratio: for all , and
Appendix B.8. Proof of Claim 1
Appendix B.9. Proof of Theorem 2
- There are players: two players for each clause and a player for each variable. The clause players and the variable players are indexed from 1 to and to , respectively.
- First, we find and such that . Next, we find such that . For completeness, we find . For each variable player , let , , , , and .The variable players are indifferent from playing the action “invest” or “not invest.”
- Next, using the values of the parameters defined above, we find , , , and such that . Indeed, such value is always possible as we can make α and y to be arbitrarily small so that .For each clause player such that , for all j. To set the remaining parameters, for each clause player , set , , , , and .
- Then, using the same values of the parameters defined for the variable players, we find , , , and such that .For each clause player such that , for all j. To set the remaining parameters, for each clause player , set , , , , and .
- Here, we construct a partial action profile for some of the players. In particular, for each clause player , and . Thus, we are giving a partial action profile of all clause players. For completeness, let .
Appendix C. Pseudocode for Exact Algorithm to Compute All MSNE in Single-Attack Fully-Transfer-Vulnerable IDD Games
|Algorithm A1: Compute All MSNE of a Fully Transfer-Vulnerable Single-Attack IDD Game.|
|Algorithm A2: Subroutine to Compute the Unique MSNE of a Fully Transfer-Vulnerable Single-Attack IDD Game with .|
|Algorithm A3: Subroutine to Compute (a Simple Linear Representation of) All MSNE of a Fully Transfer-Vulnerable Single-Attack IDD Game with .|
|Input: n, , ,|
|Output: The set of All MSNE for this Case|
|foreach to n do|
|Algorithm A4: Subroutine to Compute (a Simple Simplex Representation of) All MSNE of a Fully Transfer-Vulnerable Single-Attack IDD Game with .|
Appendix D. FPTAS for Computing an ϵ-MSNE in IDD Games with Directed-Tree Graphs
Appendix D.1. Directed Stars
Appendix D.1.1. Upstream Pass: Collection of Conditional ϵ-MSNE Computation
Appendix D.1.2. Downstream Pass: Assignment Phase
Appendix D.2. Directed Trees
Appendix E. Multiple Attackers
Appendix E.1. Pure Strategies
Appendix E.2. Mixed Strategies
- For all sites , the parent-family marginals agree, and
- the PMF decomposes as
Appendix E.3. Attackers with Limited Mixed Strategies
Appendix E.4. Brief Remarks on Computing Equilibria in Multi-Attacker Settings
- Bier, V.M.; Azaiez, M.N. Game Theoretic Risk Analysis of Security Threats; Springer: New York, NY, USA, 2009. [Google Scholar]
- Cárceles-Poveda, E.; Tauman, Y. A Strategic Analysis of the War against Transnational Terrorism. Games Eco. Behav. 2011, 7, 49–65. [Google Scholar] [CrossRef]
- Kunreuther, H.; Heal, G. Interdependent Security. J. Risk Uncertain. 2003, 26, 231–249. [Google Scholar] [CrossRef]
- Heal, G.; Kunreuther, H. IDS Models of Airline Security. J. Confl. Resolut. 2005, 49, 201–217. [Google Scholar] [CrossRef]
- O’Connor, A.; Schmitt, E. Terror Attempt Seen as Man Tries to Ignite Device on Jet. The New York Times, 2009. Available online: http://www.nytimes.com/2009/12/26/us/26plane.html (accessed on 31 August 2010).
- Gkonis, K.; Psaraftis, H. Container transportation as an interdependent security problem. J. Transp. Secur. 2010, 3, 197–211. [Google Scholar] [CrossRef]
- Johnson, B.; Grossklags, J.; Christin, N.; Chuang, J. Uncertainty in Interdependent Security Games. In Proceedings of the First International Conference on Decision and Game Theory for Security, GameSec’10, Berlin, Germany, 22–23 November 2010; Springer: Berlin/Heidelberg, Germany, 2010; pp. 234–244. [Google Scholar]
- Fultz, N.; Grossklags, J. Blue versus Red: Towards a Model of Distributed Security Attacks. In Financial Cryptography and Data Security; Dingledine, R., Golle, P., Eds.; Springer: Berlin/Heidelberg, Germany, 2009; pp. 167–183. [Google Scholar]
- Roy, S.; Ellis, C.; Shiva, S.; Dasgupta, D.; Shandilya, V.; Wu, Q. A Survey of Game Theory as Applied to Network Security. In Proceedings of the 2010 43rd Hawaii International Conference on System Sciences, HICSS ’10, Honolulu, HI, USA, 5–8 January 2010; IEEE Computer Society: Washington, DC, USA, 2010; pp. 1–10. [Google Scholar]
- Syverson, P.F.; Systems, A.C. A Different Look at Secure Distributed Computation. In Proceedings of the CSFW-10, Rockport, MA, USA, 10–12 June 1997; IEEE Computer Society Press: Washington, DC, USA, 1997; pp. 109–115. [Google Scholar]
- Lye, K.W.; Wing, J. Game Strategies in Network Security. In Proceedings of the Workshop on Foundations of Computer Security, Cape Breton, NS, Canada, 24–26 June 2002; pp. 1–2.
- Jain, M.; Korzhyky, D.; Vanek, O.; Conitzery, V.; Pechoucek, M.; Tambe, M. A Double Oracle Algorithm for Zero-Sum Security Games on Graphs. In Proceedings of the AAMAS, Taipei, Taiwan, 2–6 May 2011.
- Kiekintveld, C.; Jain, M.; Tsai, J.; Pita, J.; Ordóñez, F.; Tambe, M. Computing Optimal Randomized Resource Allocations for Massive Security Games. In Proceedings of the AAMAS, Budapest, Hungary, 10–15 May 2009; pp. 689–696.
- Korzhyk, D.; Conitzer, V.; Parr, R. Complexity of Computing Optimal Stackelberg Strategies in Security Resource Allocation Games. In Proceedings of the AAAI, Atlanta, GA, USA, 11–15 July 2010.
- Korzhyk, D.; Conitzer, V.; Parr, R. Security Games with Multiple Attacker Resources. In Proceedings of the IJCAI, Catalonia, Spain, 16–22 July 2011; pp. 273–279.
- Korzhyk, D.; Conitzer, V.; Parr, R. Solving Stackelberg Games with Uncertain Observability. In Proceedings of the AAMAS, Taipei, Taiwan, 2–6 May 2011; pp. 1013–1020.
- Smith, A.; Vorobeychik, Y.; Letchford, J. MultiDefender Security Games on Networks. SIGMETRICS Perform. Eval. Rev. 2014, 41, 4–7. [Google Scholar] [CrossRef]
- Lou, J.; Vorobeychik, Y. Equilibrium Analysis of Multi-Defender Security Games. In Proceedings of the International Joint Conference on Artificial Intelligence, Buenos Aires, Argentina, 25–31 July 2015.
- Laszka, A.; Lou, J.; Vorobeychik, Y. Multi-Defender Strategic Filtering Against Spear-Phishing Attacks. In Proceedings of the AAAI, Phoenix, AZ, USA, 12–17 February 2016.
- Liu, P. Incentive-Based Modeling and Inference of Attacker Intent, Objectives, and Strategies. In Proceedings of the 10th ACM Computer and Communications Security Conference (CCS’03), Washington, DC, USA, 27–30 October 2003; pp. 179–189.
- Cremonini, M.; Nizovtsev, D. Understanding and Influencing Attackers’ Decisions: Implications for Security Investment Strategies. In Proceedings of the Fifth Workshop on the Economics of Information Security (WEIS 2006), Cambridge, UK, 26–28 June 2006.
- Merlevede, J.S.A.; Holvoet, T. Game Theory and Security: Recent History and Future Directions. In Decision and Game Theory for Security, Proceedings of the 6th International Conference, GameSec 2015, London, UK, 4–5 November 2015; Khouzani, M., Panaousis, E., Theodorakopoulos, G., Eds.; Springer International Publishing: Cham, Switzerland, 2015; pp. 334–345. [Google Scholar]
- Agiwal, S.; Mohtadi, H. Risk Mitigating Strategies in the Food Supply Chain. In Proceedings of the American Agricultural Economics Assocation (Annual Meeting), Orlando, FL, USA, 27–29 July 2008.
- Dvijotham, K.; Chertkov, M.; Van Hentenryck, P.; Vuffray, M.; Misra, S. Graphical models for optimal power flow. Constraints 2016, 1–26. [Google Scholar] [CrossRef]
- Kearns, M.; Ortiz, L.E. Algorithms for Interdependent Security Games. In Proceedings of the Neural Information Processing Systems (NIPS), Whistler, BC, Canada, 11–13 December 2003.
- Gottlob, G.; Greco, G.; Scarcello, F. Pure Nash equilibria: Hard and easy games. J. Artif. Intell. Res. 2005, 24, 357–406. [Google Scholar]
- Gilboa, I.; Zemel, E. Nash and correlated equilibria: Some complexity considerations. Games Econ. Behav. 1989, 1, 80–93. [Google Scholar] [CrossRef]
- Chen, X.; Deng, X.; Teng, S.H. Settling the complexity of computing two-player Nash equilibria. J. ACM 2009, 56, 1–57. [Google Scholar] [CrossRef]
- Daskalakis, C.; Goldberg, P.W.; Papadimitriou, C.H. The Complexity of Computing a Nash Equilibrium. SIAM J. Comput. 2009, 39, 195–259. [Google Scholar] [CrossRef]
- Papadimitriou, C.H. On the Complexity of the Parity Argument and Other Inefficient Proofs of Existence. J. Comput. Syst. Sci. 1994, 48, 498–532. [Google Scholar] [CrossRef]
- Daskalakis, C.; Goldberg, P.W.; Papadimitriou, C.H. The complexity of computing a Nash equilibrium. Commun. ACM 2009, 52, 89–97. [Google Scholar] [CrossRef][Green Version]
- Conitzer, V.; Sandholm, T. New complexity results about Nash equilibria. Games Econ. Behav. 2008, 63, 621–641. [Google Scholar] [CrossRef]
- Shavitt, Y.; Shir, E. DIMES—Letting the Internet Measure Itself. Available online: http://www.arxiv.org/abs/cs.NI/0506099 (accessed on 25 January 2017).
- Shavitt, Y.; Shir, E. DIMES: Let the Internet Measure Itself. ACM SIGCOMM Comput. Commun. Rev. 2005, 35, 71–74. [Google Scholar] [CrossRef]
- Fudenberg, D.; Levine, D. The Theory of Learning in Games; MIT Press: Cambridge, MA, USA, 1999. [Google Scholar]
- Kearns, M. Graphical Games. In Algorithmic Game Theory; Nisan, N., Roughgarden, T., Éva, T., Vaziran, V.V., Eds.; Cambridge University Press: Cambridge, UK, 2007; pp. 159–180. [Google Scholar]
- Kearns, M.; Littman, M.; Singh, S. Graphical Models for Game Theory. In Proceedings of the Conference on Uncertainty in Artificial Intelligence, Seattle, WA, USA, 2–5 August 2001; pp. 253–260.
- Heal, G.; Kunreuther, H. You Only Die Once: Managing Discrete Interdependent Risks. Technical Report W9885. NBER, 2003. Working Paper. Available online: http://ssrn.com/abstract=430599 (accessed on 25 January 2017).
- Heal, G.; Kunreuther, H. Modeling Interdependent Risks. Risk Anal. 2007, 27, 621–634. [Google Scholar] [CrossRef] [PubMed]
- Ortiz, L.E. On Sparse Discretization for Graphical Games. CoRR 2014. abs/1411.3320. [Google Scholar]
- Irfan, M.T.; Ortiz, L.E. On influence, stable behavior, and the most influential individuals in networks: A game-theoretic approach. Artif. Intell. 2014, 215, 79–119. [Google Scholar] [CrossRef]
- Koller, D.; Friedman, N. Probabilistic Graphical Models: Principles and Techniques; MIT Press: Cambridge, MA, USA, 2009. [Google Scholar]
- Kakade, S.; Kearns, M.; Langford, J.; Ortiz, L. Correlated Equilibria in Graphical Games. In Proceedings of the 4th ACM conference on Electronic commerce, EC ’03, San Diego, CA, USA, 9–12 June 2003; ACM: New York, NY, USA, 2003; pp. 42–47. [Google Scholar]
- Aumann, R. Subjectivity and Correlation in Randomized Strategies. J. Math. Econ. 1974, 1, 67–96. [Google Scholar] [CrossRef]
- Aumann, R. Correlated Equilibrium as an Expression of Bayesian Rationality. Econometrica 1987, 55, 1–18. [Google Scholar] [CrossRef]
- Jaynes, E.T. Information Theory and Statistical Mechanics. Phys. Rev. 1957, 106, 620–630. [Google Scholar] [CrossRef]
- Kearns, M.; Ortiz, L.E. Algorithms for Interdependent Security Games. In Advances in Neural Information Processing Systems 16; Thrun, S., Saul, L.K., Schölkopf, B., Eds.; MIT Press: Cambridge, MA, USA, 2004; pp. 561–568. [Google Scholar]
- Dyer, M.; Frieze, A.; Kannan, R. A random polynomial time algorithm for approximating the volume of a convex body. JACM 1991, 38, 1–17. [Google Scholar] [CrossRef]
- Elkind, E.; Goldberg, L.A.; Goldberg, P.W. Nash Equilibria in Graphical Games on Trees Revisited. In Proceedings of the 7th ACM Conference on Electronic Commerce, EC ’06, Ann Arbor, MI, USA, 11–15 June 2006; pp. 100–109.
- Cai, Y.; Daskalakis, C. On Minmax Theorems for Multiplayer Games. In Proceedings of the Twenty-second Annual ACM-SIAM Symposium on Discrete Algorithms, SODA ’11, San Francisco, CA, USA, 23–25 January 2011; Society for Industrial and Applied Mathematics: Philadelphia, PA, USA, 2011; pp. 217–234. [Google Scholar]
- Singh, S.P.; Kearns, M.J.; Mansour, Y. Nash Convergence of Gradient Dynamics in General-Sum Games. In Proceedings of the UAI, Stanford, CA, USA, 30 June–3 July 2000; pp. 541–548.
- Kearns, M. Economics, Computer Science, and Policy. Issues Sci. Technol. Available online: http://issues.org/21-2/kearns/ (accessed on 25 January 2017).
- McKelvey, R.D.; Palfrey, T.R. Quantal Response Equilibria for Normal Form Games. Games Econ. Behav. 1995, 10, 6–38. [Google Scholar] [CrossRef]
- Kleinberg, J. Cascading Behavior in Networks: Algorithmic and Economic Issues. In Algorithmic Game Theory; Nisan, N., Roughgarden, T., Éva, Tardos., Vazirani, V.V., Eds.; Cambridge University Press: Cambridge, UK, 2007; pp. 613–632. [Google Scholar]
- Cover, T.M.; Thomas, J.A. Elements of Information Theory, 2nd ed.; Wiley & Sons: New York, NY, USA, 2006. [Google Scholar]
- Boyd, S.; Vandenberghe, L. Convex Optimization; Cambridge University Press: Cambridge, UK, 2006. [Google Scholar]
- Garey, M.R.; Johnson, D.S. Computers and Intractability: A Guide to the Theory of NP-Completeness; W. H. Freeman & Co.: New York, NY, USA, 1979. [Google Scholar]
- Vazirani, V.V. Approximation Algorithms; Springer: New York, NY, USA, 2001. [Google Scholar]
- Bellman, R.E. Dynamic Programming; Dover Publications: Mineola, NY, USA, 2003. [Google Scholar]
- Nash, J. Non-cooperative games. Ann. Math. 1951, 54, 286–295. [Google Scholar] [CrossRef]
- 1.Note that even if full screening were performed, the Christmas Day 2009 episode in Detroit  serves as a reminder that transfer risk still exists.
- 2.Throughout this article, we often used “attacker(s)” and “aggressor(s)” interchangeably as a way to remind the reader that our model handles a variety of interdependent security settings beyond airline or Internet infrastructure security.
- 3.We note that the original IDS games were also fully transfer-vulnerable and assumed one-hop transfers.
- 4.Or as Heal and Kunreuther  put it, “You Only Die Once.”
- 5.By we mean the power set of which equals .
- 6.A similar extension was also proposed independently by Heal and Kunreuther .
- 7.By “strategic” here we mean that the action of an individual entity may depend on those of others in the population.
- 8.We should note that the terms “” are actually strategically irrelevant, and could have been removed. That doing so is sound will become clear when we define the best-response correspondence of the attacker (Equation (17)). We decided to keep those terms to explicitly express the notion that the attacker does not care about the cost for investments that any player may incur.
- 9.Note that , because the term is not a function of .
- 10.In other words, is a Gibbs distribution with respect to the undirected “moralized” graph that results from adding an (undirected) edge among every pair of parents of every node to the original directed graph of the game and ignoring the directions of the edges in the original game graph. We refer the reader to Koller and Friedman  for a textbook introduction to concepts from probabilistic graphical models.
- 11.Note that this does not mean that the expected loss caused by a player that does not invest but is attacked, , is the same for all players.
- 12.Distinct ’s for the set of defenders at which the sum goes over one is sufficient to guarantee unique MSNE.
- 13.We note that proving that computing an MSNE in IDD games is PPAD-complete would be more appropriate, since there always exists an MSNE in IDD games, but we will leave that question for future work.
- 14.Recall the probability of no attack .
- 15.While some results presented here are for a single instance of the Internet game for each ϵ, the results are typical of multiple instances. Our observations are robust to the experimental randomness in both the Internet game parameters and the initialization of BRGD. For the sake of simplicity of presentation, we discuss results based on a single instance of the Internet game, and in some cases based on a single BRGD run. Note that, for each ϵ value we considered, the Internet game parameters remain constant within different BRGD runs. BRGD always converged within 2000 iterations (except 6 runs for ).
- 16Throughout the proof, to simplify notation, we drop the ‘*’ superscript used in the main text to denote MSNE.
- 17Note that , thus consistent with the notation. Note also that, when clear from context, singleton sets are denoted without the set bracket.
- 18By defining the cost functions of each player i this way, i.e., based on the definition of the attack function given, we are implicitly subscribing to the “you only die once” principle , because even if multiple attacks on any site i are successful, the loss induced by the attack is the same as if a single attack were successful. Variations of this model that would make depend on the number of successful attacks that are possible, but not pursued here. Also, in the case of multiple attackers, one may consider a function of , and more specifically, the number of attacks on site i.
|Model Parameters||Fixed: Random:|
© 2017 by the authors; licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (http://creativecommons.org/licenses/by/4.0/).
Share and Cite
Chan, H.; Ceyko, M.; Ortiz, L. Interdependent Defense Games with Applications to Internet Security at the Level of Autonomous Systems. Games 2017, 8, 13. https://doi.org/10.3390/g8010013
Chan H, Ceyko M, Ortiz L. Interdependent Defense Games with Applications to Internet Security at the Level of Autonomous Systems. Games. 2017; 8(1):13. https://doi.org/10.3390/g8010013Chicago/Turabian Style
Chan, Hau, Michael Ceyko, and Luis Ortiz. 2017. "Interdependent Defense Games with Applications to Internet Security at the Level of Autonomous Systems" Games 8, no. 1: 13. https://doi.org/10.3390/g8010013