TY - JOUR
T1 - Exponential discounting in security games of timing
AU - Merlevede, Jonathan
AU - Johnson, Benjamin
AU - Grossklags, Jens
AU - Holvoet, Tom
N1 - Publisher Copyright:
© 2021 The Author.
PY - 2021
Y1 - 2021
N2 - Strategic game models of defense against stealthy, targeted attacks that cannot be prevented but only mitigated are the subject of a significant body of recent research, often in the context of advanced persistent threats (APTs). In these game models, the timing of attack and defense moves plays a central role. A common assumption, in this literature, is that players are indifferent between costs and gains now and those in the distant future, which conflicts with the widely accepted treatment of intertemporal choice across economic contexts. This article investigates the significance of this assumption by studying changes in optimal player behavior when introducing time discounting. Specifically, we adapt a popular model in the games of timing literature, the FlipIt model, by allowing for exponential discounting of gains and costs over time. We investigate changes of best responses and the location of Nash equilibria through analysis of two well-known classes of player strategies: those where the time between players' moves is constant, and a second class where the time between players' moves is stochastic and exponentially distributed. By introducing time discounting in the framework of games of timing, we increase its level of realism as well as applicability to organizational security management, which is in dire need of sound theoretic work to respond to sophisticated, stealthy attack vectors.
AB - Strategic game models of defense against stealthy, targeted attacks that cannot be prevented but only mitigated are the subject of a significant body of recent research, often in the context of advanced persistent threats (APTs). In these game models, the timing of attack and defense moves plays a central role. A common assumption, in this literature, is that players are indifferent between costs and gains now and those in the distant future, which conflicts with the widely accepted treatment of intertemporal choice across economic contexts. This article investigates the significance of this assumption by studying changes in optimal player behavior when introducing time discounting. Specifically, we adapt a popular model in the games of timing literature, the FlipIt model, by allowing for exponential discounting of gains and costs over time. We investigate changes of best responses and the location of Nash equilibria through analysis of two well-known classes of player strategies: those where the time between players' moves is constant, and a second class where the time between players' moves is stochastic and exponentially distributed. By introducing time discounting in the framework of games of timing, we increase its level of realism as well as applicability to organizational security management, which is in dire need of sound theoretic work to respond to sophisticated, stealthy attack vectors.
KW - APT
KW - discounting
KW - game theory
KW - games of timing
UR - http://www.scopus.com/inward/record.url?scp=85127335169&partnerID=8YFLogxK
U2 - 10.1093/cybsec/tyaa008
DO - 10.1093/cybsec/tyaa008
M3 - Article
AN - SCOPUS:85127335169
SN - 2057-2085
VL - 7
JO - Journal of Cybersecurity
JF - Journal of Cybersecurity
IS - 1
M1 - tyaa008
ER -