@inproceedings{aa3230a0aec64069a83509141cdbc153,
title = "Are security experts useful? Bayesian Nash equilibria for network security games with limited information",
abstract = "A common assumption in security research is that more individual expertise unambiguously leads to a more secure overall network. We present a game-theoretic model in which this common assumption does not hold. Our findings indicate that expert users can be not only invaluable contributors, but also free-riders, defectors, and narcissistic opportunists. A direct application is that user education needs to highlight the cooperative nature of security, and foster the community sense, in particular, of higher skilled computer users. As a technical contribution, this paper represents, to our knowledge, the first formal study to quantitatively assess the impact of different degrees of information security expertise on the overall security of a network.",
keywords = "Bounded Rationality, Game Theory, Limited Information, Security Economics",
author = "Benjamin Johnson and Jens Grossklags and Nicolas Christin and John Chuang",
year = "2010",
doi = "10.1007/978-3-642-15497-3_36",
language = "English",
isbn = "3642154964",
series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",
publisher = "Springer Verlag",
pages = "588--606",
booktitle = "Computer Security, ESORICS 2010 - 15th European Symposium on Research in Computer Security, Proceedings",
note = "15th European Symposium on Research in Computer Security, ESORICS 2010 ; Conference date: 20-09-2010 Through 22-09-2010",
}