Simulation and Game-Theoretic Analysis of an Attacker-Defender Game

  • Alan Nochenson
  • C. F. Larry Heimann
Part of the Lecture Notes in Computer Science book series (LNCS, volume 7638)


This paper uses agent-based simulation to determine appropriate strategies for attackers and defenders in a simple network security game, using a method which is generalizable to many other security games. In this game, both sides are modeled as strategic entities. The attacker is trying to maximize the amount of damage he causes, and the defender is trying to minimize her loss subject to cost constraints. Through simulation, we derive Nash equilibrium strategies for each side under a variety of cost conditions in order to better inform network administrators about attacker behaviors and possible mitigations.


security game theory agent-based modeling and simulation 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Allais, M.: Le comportement de l’homme rationnel devant le risque: Critique des postulats et axiomes de l’école Américaine. Econometrica 21, 503–546 (1953)MathSciNetzbMATHCrossRefGoogle Scholar
  2. 2.
    Anderson, R., Moore, T.: The economics of information security. Science 314(5799), 610–613 (2006)CrossRefGoogle Scholar
  3. 3.
    Ariely, D.: Predictably Irrational: The Hidden Forces That Shape Our Decisions. HarperCollins (February 2008)Google Scholar
  4. 4.
    Baldwin, A., Beres, Y., Duggan, G.B., Mont, M.C., Johnson, H., Middup, C., Shiu, S.: Economic methods and decision making by security professionals. In: The Tenth Workshop on Economics and Information Security, WEIS 2011 (2011)Google Scholar
  5. 5.
    Chia, P.H., Chuang, J.: Colonel Blotto in the Phishing War. In: Baras, J.S., Katz, J., Altman, E. (eds.) GameSec 2011. LNCS, vol. 7037, pp. 201–218. Springer, Heidelberg (2011)CrossRefGoogle Scholar
  6. 6.
    Chia, P.H.: Colonel Blotto in web security. In: The Eleventh Workshop on Economics and Information Security, WEIS Rump Session (2012)Google Scholar
  7. 7.
    Fultz, N., Grossklags, J.: Blue versus Red: Towards a Model of Distributed Security Attacks. In: Dingledine, R., Golle, P. (eds.) FC 2009. LNCS, vol. 5628, pp. 167–183. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  8. 8.
    Grossklags, J., Christin, N., Chuang, J.: Security and insurance management in networks with heterogeneous agents. In: Proceedings of the 9th ACM Conference on Electronic Commerce, EC 2008, pp. 160–169. ACM, New York (2008)CrossRefGoogle Scholar
  9. 9.
    Grossklags, J., Johnson, B.: Uncertainty in the weakest-link security game. In: Proceedings of the First ICST International Conference on Game Theory for Networks, GameNets 2009, pp. 673–682. IEEE Press, Piscataway (2009)CrossRefGoogle Scholar
  10. 10.
    Hausken, K.: Protecting complex infrastructures against multiple strategic attackers. Intern. J. Syst. Sci. 42(1), 11–29 (2011)MathSciNetzbMATHCrossRefGoogle Scholar
  11. 11.
    Heal, G., Kunreuther, H.: You only die once: Managing discrete interdependent risks. In: Columbia Business School and Wharton Risk Management and Decision Processes (2002)Google Scholar
  12. 12.
    Heimann, C.F.L., Nochenson, A.: The effects of loss profiles in interdependent network security. In: The World Congress on Internet Security, WorldCIS (2012)Google Scholar
  13. 13.
    Heimann, C.F.L., Nochenson, A.: Identifying Tipping Points in a Decision-Theoretic Model of Network Security. ArXiv e-prints (March 2012)Google Scholar
  14. 14.
    Johnson, B., Böhme, R., Grossklags, J.: Security Games with Market Insurance. In: Baras, J.S., Katz, J., Altman, E. (eds.) GameSec 2011. LNCS, vol. 7037, pp. 117–130. Springer, Heidelberg (2011)CrossRefGoogle Scholar
  15. 15.
    Johnson, B., Grossklags, J., Christin, N., Chuang, J.: Uncertainty in Interdependent Security Games. In: Alpcan, T., Buttyán, L., Baras, J.S. (eds.) GameSec 2010. LNCS, vol. 6442, pp. 234–244. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  16. 16.
    Kahneman, D., Tversky, A.: Prospect theory: An analysis of decision under risk. Econometrica 47(2), 263–291 (1979)zbMATHCrossRefGoogle Scholar
  17. 17.
    Kunreuther, H., Heal, G.: Interdependent security. Journal of Risk and Uncertainty 26, 231–249 (2003)zbMATHCrossRefGoogle Scholar
  18. 18.
    Macal, C.M., North, M.J.: Tutorial on agent-based modeling and simulation. In: 2005 Winter Simulation Conference (2005)Google Scholar
  19. 19.
    Naraine, R.: Adobe warns of flash player zero-day attack (2011),
  20. 20.
    Nochenson, A., Heimann, C.F.L.: Optimal security investments in networks of varying size and topology. In: International Workshop on Socio-Technical Aspects in Security and Trust (2012)Google Scholar
  21. 21.
    Pratt, J.W.: Risk Aversion in the Small and in the Large. Econometrica 32 (1964)Google Scholar
  22. 22.
    Stocco, G.F., Cybenko, G.: Exploiting Adversary’s Risk Profiles in Imperfect Information Security Games. In: Baras, J.S., Katz, J., Altman, E. (eds.) GameSec 2011. LNCS, vol. 7037, pp. 22–33. Springer, Heidelberg (2011)CrossRefGoogle Scholar
  23. 23.
    Varian, H.R.: System reliability and free riding. In: Economics of Information Security, Kluwer 2004, pp. 1–15. Kluwer Academic Publishers (2004)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2012

Authors and Affiliations

  • Alan Nochenson
    • 1
  • C. F. Larry Heimann
    • 2
  1. 1.College of Information Sciences and TechnologyPenn State UniversityUSA
  2. 2.Information Systems DepartmentCarnegie Mellon UniversityUSA

Personalised recommendations