A game theoretical method for cost-benefit analysis of malware dissemination prevention

Spyridopoulos, T., Maraslis, K., Mylonas, A., Tryfonas, T. and Oikonomou, G. (2015) A game theoretical method for cost-benefit analysis of malware dissemination prevention. Information Security Journal: A Global Perspective, 24 (4-6). pp. 164-176. ISSN 1939-3555 Available from: http://eprints.uwe.ac.uk/28312

PDF - Accepted Version
Available under License All Rights Reserved.


Publisher's URL: http://dx.doi.org/10.1080/19393555.2015.1092186


Literature in malware proliferation focuses on modeling and analysing its spread dynamics. Epidemiology models, which are inspired by the characteristics of biological disease spread in human populations, have been used against this threat to analyze the way malware spreads in a network. This work presents a modified version of the commonly used epidemiology models Susceptible Infected Recovered (SIR) and Susceptible Infected Susceptible (SIS), which incorporates the ability to capture the relationships between nodes within a network, along with their effect on malware dissemination process. Drawing upon a model that illustrates the network’s behavior based on the attacker’s and the defender’s choices, we use game theory to compute optimal strategies for the defender to minimize the effect of malware spread, at the same time minimizing the security cost. We consider three defense mechanisms: patch, removal, and patch and removal, which correspond to the defender’s strategy and use probabilistically with a certain rate. The attacker chooses the type of attack according to its effectiveness and cost. Through the interaction between the two opponents we infer the optimal strategy for both players, known as Nash Equilibrium, evaluating the related payoffs. Hence, our model provides a cost-benefit risk management framework for managing malware spread in computer networks.

Item Type:Article
Additional Information:This is an Accepted Manuscript of an article published by Taylor & Francis in Information Security Journal: A Global Perspective on 09 October 2015, available online: http://www.tandfonline.com/10.1080/19393555.2015.1092186
Uncontrolled Keywords:epidemiology models, game theory, malware proliferation, network security, SIR, SIS
Faculty/Department:Faculty of Environment and Technology > Department of Computer Science and Creative Technologies
ID Code:28312
Deposited By: T. Spyridopoulos
Deposited On:16 Mar 2016 14:16
Last Modified:10 Oct 2016 08:52

Request a change to this item

Total Document Downloads in Past 12 Months

Document Downloads

Total Document Downloads

More statistics for this item...