TY - GEN
T1 - Are security experts useful? Bayesian Nash equilibria for network security games with limited information
AU - Johnson, Benjamin
AU - Grossklags, Jens
AU - Christin, Nicolas
AU - Chuang, John
PY - 2010
Y1 - 2010
N2 - A common assumption in security research is that more individual expertise unambiguously leads to a more secure overall network. We present a game-theoretic model in which this common assumption does not hold. Our findings indicate that expert users can be not only invaluable contributors, but also free-riders, defectors, and narcissistic opportunists. A direct application is that user education needs to highlight the cooperative nature of security, and foster the community sense, in particular, of higher skilled computer users. As a technical contribution, this paper represents, to our knowledge, the first formal study to quantitatively assess the impact of different degrees of information security expertise on the overall security of a network.
AB - A common assumption in security research is that more individual expertise unambiguously leads to a more secure overall network. We present a game-theoretic model in which this common assumption does not hold. Our findings indicate that expert users can be not only invaluable contributors, but also free-riders, defectors, and narcissistic opportunists. A direct application is that user education needs to highlight the cooperative nature of security, and foster the community sense, in particular, of higher skilled computer users. As a technical contribution, this paper represents, to our knowledge, the first formal study to quantitatively assess the impact of different degrees of information security expertise on the overall security of a network.
UR - http://www.scopus.com/inward/record.url?scp=78049362316&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=78049362316&partnerID=8YFLogxK
U2 - 10.1007/978-3-642-15497-3_36
DO - 10.1007/978-3-642-15497-3_36
M3 - Conference contribution
AN - SCOPUS:78049362316
SN - 3642154964
SN - 9783642154966
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 588
EP - 606
BT - Computer Security, ESORICS 2010 - 15th European Symposium on Research in Computer Security, Proceedings
PB - Springer Verlag
T2 - 15th European Symposium on Research in Computer Security, ESORICS 2010
Y2 - 20 September 2010 through 22 September 2010
ER -