survey

Game Theory for Cyber Security and Privacy

Authors:

Nguyen H. Tran,

Choongseon Hong,

Charles A. Kamhoua,

Kevin A. Kwiat,

Sundaraja Sitharama IyengarAuthors Info & Claims

ACM Computing Surveys (CSUR), Volume 50, Issue 2

Article No.: 30, Pages 1 - 37

https://doi.org/10.1145/3057268

Published: 10 May 2017 Publication History

Abstract

In this survey, we review the existing game-theoretic approaches for cyber security and privacy issues, categorizing their application into two classes, security and privacy. To show how game theory is utilized in cyberspace security and privacy, we select research regarding three main applications: cyber-physical security, communication security, and privacy. We present game models, features, and solutions of the selected works and describe their advantages and limitations from design to implementation of the defense mechanisms. We also identify some emerging trends and topics for future research. This survey not only demonstrates how to employ game-theoretic approaches to security and privacy but also encourages researchers to employ game theory to establish a comprehensive understanding of emerging security and privacy problems in cyberspace and potential solutions.

References

[1]

Alfssandro Acquisti and Jens Grossklags. 2005. Privacy and rationality in individual decision making. IEEE Security 8 Privacy 3, 1 (Jan. 2005), 26--33.

Digital Library

[2]

Rosa Karimi Adl, Mina Askari, Ken Barker, and Reihaneh Safavi-Naini. 2012. Privacy consensus in anonymization systems via game theory. In Proceedings of the 26th Annual IFIP WG Working Conference on Data and Applications Security and Privacy, Vol. 7371. 74--89.

Digital Library

[3]

Khajonpong Akkarajitsakul, Ekram Hossain, and Dusit Niyato. 2013. Cooperative packet delivery in hybrid wireless mobile networks: A coalitional game approach. IEEE Trans. Mobile Comput. 12, 5 (May 2013), 840--854.

Digital Library

[4]

Kalliopi Anastasopoulou, Theo Tryfonas, and Spyros Kokolakis. 2013. Strategic interaction analysis of privacy-sensitive end-users of cloud-based mobile apps. In Proceedings of Human Aspects of Information Security, Privacy, and Trust. 209--216.

[5]

Munnujahan Ara, Hugo Reboredo, Samah a. M. Ghanem, and Miguel R. D. Rodrigues. 2012. A zero-sum power allocation game in the parallel Gaussian wiretap channel with an unfriendly jammer. In Proceeding of the IEEE International Conference on Communication Systems (ICCS). 60--64.

[6]

Gilad Asharov, Ran Canetti, and Carmit Hazay. 2011. Towards a game theoretic view of secure computation. In Proceedings of Advances in Cryptology (EUROCRYPT). 426--445.

Digital Library

[7]

Tamer Basar. 1995. H/sup/ control of large scale jump linear systems via averaging and aggregation. In Proceedings of the 1995 34th IEEE Conference on Decision and Control, Vol. 3. 2574--2579.

[8]

Tamer Basar and Pierre Bernhard. 2008. H-infinity Optimal Control and Related Minimax Design Problems: A Dynamic Game Approach. Springer Science 8 Business Media.

[9]

Harkeerat Singh Bedi, Sankardas Roy, and Sajjan Shiva. 2011. Game theory-based defense mechanisms against DDoS attacks on TCP/TCP-friendly flows. In Proceeding of IEEE Symposium on Computational Intelligence in Cyber Security (CICS). 129--136.

[10]

Jeremiah Blocki, Nicolas Christin, Anupam Datta, and Arunesh Sinha. 2012. Audit mechanisms for provable risk management and accountable data governance. In Proceedings of Decision and Game Theory for Security, GameSec. Vol. 7638, LNCS. Springer, 38--59.

[11]

Stephan Bohacek, Joao Hespanha, Junsoo Lee, Chansook Lim, and Katia Obraczka. 2007. Game theoretic stochastic routing for fault tolerance and security in computer networks. IEEE Trans. Parallel Distrib. Syst. 18, 9 (Sep. 2007), 1227--1240.

Digital Library

[12]

S. Buchegger and J.-Y. Le Boudec. 2002. Nodes bearing grudges: Towards routing security, fairness, and robustness in mobile ad hoc networks. In Proceedings of the 10th Euromicro Workshop on Parallel, Distributed and Network-Based Processing.

Digital Library

[13]

Levente Buttyan and Jean-Pierre Hubaux. 2001. Nuglets: A Virtual Currency to Stimulate Cooperation in Self-organized Mobile Ad Hoc Networks. Technical Report.

[14]

Bogdan Carbunar, Mahmudur Rahman, and Niki Pissinou. 2013. A survey of privacy vulnerabilities and defenses in geosocial networks. IEEE Commun. Mag. 51, 11 (Nov. 2013), 114--119.

[15]

Sivadon Chaisiri, Ryan K. L. Ko, and Dusit Niyato. 2015. A joint optimization approach to security-as-a-service allocation and cyber insurance management. In Proceedings of the 2015 IEEE Trustcom/BigDataSE/ISPA. IEEE, 426--433.

Digital Library

[16]

Pin-yu Chen, Shin-Ming Cheng, and Kwang-Cheng Chen. 2012. Smart attacks in smart grid communication networks. IEEE Commun. Mag. 50, 8 (Aug 2012), 24--29.

[17]

Tingting Chen, Liehuang Wu, Fan Wu, and Sheng Zhong. 2011. Stimulating cooperation in vehicular ad hoc networks: A coalitional game theoretic approach. IEEE Trans. Vehic. Technol. 60, 2 (Feb 2011), 566--579.

[18]

Xiangqian Chen, Kia Makki, Kang Yen, and Niki Pissinou. 2009. Sensor network security: A survey. IEEE Commun. Surv. Tutor. 11, 2 (Jun 2009), 52--73.

Digital Library

[19]

Keywhan Chung, Charles A. Kamhoua, Kevin A. Kwiat, Zbigniew T. Kalbarczyk, and Ravishankar K. Iyer. 2016. Game theory with learning for cyber security monitoring. In Proceedings of the 2016 IEEE 17th International Symposium on High Assurance Systems Engineering (HASE). IEEE, 1--8.

Digital Library

[20]

CSIS. 2014. Significant Cyber Incidents Since 2006. Technical Report. Retrieved from http://csis.org/files/publication/131010.

[21]

Tomáš Denemark and Jessica Fridrich. 2014. Detection of content adaptive LSB matching (a game theory approach). In Proceeding of IS8T/SPIE Electronic Imaging. International Society for Optics and Photonics.

[22]

Brahim Djebaili, Christophe Kiennert, Jean Leneutre, and Lin Chen. 2014. Data integrity and availability verification game in untrusted cloud storage. In Proceedings of the Conference on Decision and Game Theory for Security (GameSec). 287--306.

[23]

Junqi Duan, Deyun Gao, Dong Yang, Chuan Foh, and Hsiao-Hwa Chen. 2014. An energy-aware trust derivation scheme with game theoretic approach in wireless sensor networks for IoT applications. IEEE Internet Things J. 1, 1 (may 2014), 58--69.

[24]

Rania El-Badry and Mohamed Younis. 2012. Providing location anonymity in a multi-base station wireless sensor network. In Proceedings of IEEE International Conference on Communications (ICC). 157--161.

[25]

AbdelRahman Eldosouky, Walid Saad, Charles Kamhoua, and Kevin Kwiat. 2015. Contract-theoretic resource allocation for critical infrastructure protection. In Proceedings of the 2015 IEEE Global Communications Conference (GLOBECOM’15). IEEE, 1--6.

[26]

Mark Felegyhazi, J.-P. Hubaux, and Levente Buttyan. 2006. Nash equilibria of packet forwarding strategies in wireless ad hoc networks. IEEE Trans. Mobile Comput. 5, 5 (May 2006), 463--476.

Digital Library

[27]

Axel Franzen and Sonja Pointner. 2012. Anonymity in the dictator game revisited. J. Econ. Behav. Organiz. 81, 1 (Jan 2012), 74--81.

[28]

Julien Freudiger, Mohammad Hossein Manshaei, Jean-Pierre Hubaux, and David C. Parkes. 2009. On non-cooperative location privacy: A game-theoretic analysis. In Proceedings of the 16th ACM Conference on Computer and Communications Security. 324--337.

Digital Library

[29]

Georg Fuchsbauer, Jonathan Katz, and David Naccache. 2010. Efficient rational secret sharing in standard communication networks. In Proceeding of the 7th Theory of Cryptography Conference, Vol. 5978 LNCS. 419--436.

Digital Library

[30]

Neal Fultz and Jens Grossklags. 2009. Blue versus red: Towards a model of distributed security attacks. In Proceeding of Financial Cryptography and Data Security. Springer, Berlin, 167--183.

Digital Library

[31]

Evrim Furuncu and Ibrahim Sogukpinar. 2015. Scalable risk assessment method for cloud computing using game theory (CCRAM). Comput. Stand. Interf. 38 (Feb. 2015), 44--50.

Digital Library

[32]

Tirthankar Ghosh, Niki Pissinou, and Kia Makki. 2004. Collaborative trust-based secure routing against colluding malicious nodes in multi-hop ad hoc networks. In Proceeding of the 29th Annual IEEE International Conference on Local Computer Networks. 224--231.

Digital Library

[33]

Ronen Gradwohl, Noam Livne, and Alon Rosen. 2013. Sequential rationality in cryptographic protocols. ACM Trans. Econ. Comput. 1, 1 (Jan. 2013), 1--37.

Digital Library

[34]

Christopher Griffin and Anna Squicciarini. 2012. Toward a game theoretic model of information release in social media with experimental results. In Proceedings of the IEEE Symposium on Security and Privacy Workshops. 113--116.

Digital Library

[35]

Adam Groce and Jonathan Katz. 2012. Fair computation with rational players. In Proceeding of Advances in Cryptology (EUROCRYPT’12), Vol. 7237 LNCS. 81--98.

Digital Library

[36]

Abhishek Gupta, Cedric Langbort, and Tamer Basar. 2010. Optimal control in the presence of an intelligent jammer with limited actions. In Proceeding of the 49th IEEE Conference on Decision and Control (CDC). 1096--1101.

[37]

Mohamed Hamdi and Habtamu Abie. 2014. Game-based adaptive security in the internet of things for ehealth. In Proceeding of IEEE International Conference on Communications. 920--925.

[38]

Yi Han, Tansu Alpcan, Jeffrey Chan, Christopher Leckie, and Benjamin I. P. Rubinstein. 2016. A game theoretical approach to defend against co-resident attacks in cloud computing: Preventing co-residence using semi-supervised learning. IEEE Trans. Inf. Forens. Secur. 11, 3 (Mar. 2016), 556--570.

Digital Library

[39]

Yezekael Hayel and Quanyan Zhu. 2015. Attack-aware cyber insurance for risk sharing in computer networks. In Proceedings of the 6th International Conference, GameSec 2015. 22--34.

[40]

Fei He, Jun Zhuang, Nageswara S. V. Rao, Chris Y. T. Ma, and David K. Y. Yau. 2013. Game-theoretic resilience analysis of cyber-physical systems. In Proceedings of the 2013 IEEE 1st International Conference on Cyber-Physical Systems, Networks, and Applications (CPSNA) (Aug. 2013), 90--95.

[41]

Fei He, Jun Zhuang, and United States. 2012. Game-theoretic analysis of attack and defense in cyber-physical network infrastructures. In Proceedings of the Industrial and Systems Engineering Research Conference.

[42]

Walter Houser. 2015. Could what happened to sony happen to us? IT Prof. 17, 2 (2015), 54--57.

Digital Library

[43]

IDC and NUS. 2014. The Link between Pirated Software and Cybersecurity Breaches. Technical Report. Retrieved from http://news.microsoft.com/download/presskits/dcu/docs/idc.

[44]

Anil Jade, Sanjay Kumar Madria, and Mark Linderman. 2009. Incentive based routing protocol for mobile peer to peer networks. In Proceeding of the 10th International Conference on Mobile Data Management: Systems, Services and Middleware. 285--292.

Digital Library

[45]

Maha Jebalia, Asma Ben Letaifa, Mohamed Hamdi, and Sami Tabbane. 2014. A revocation game model for secure cloud storage. In Proceeding of IEEE International Conference on High Performance Computing 8 Simulation (HPCS). 1016--1017.

[46]

Zhu Ji, Wei Yu, and K. J. Ray Liu. 2006. Cooperation enforcement in autonomous MANETs under noise and imperfect observation. In Proceeding of the 3rd Annual IEEE Communications Society on Sensor and Ad Hoc Communications and Networks. 460--468.

[47]

Zhu Ji, Wei Yu, and K. J. Ray Liu. 2010. A belief evaluation framework in autonomous MANETs under noisy and imperfect observation: Vulnerability analysis and cooperation enforcement. IEEE Trans. Mobile Comput. 9, 9 (Sep. 2010), 1242--1254.

Digital Library

[48]

Xinyu Jin, Niki Pissinou, Sitthapon Pumpichet, Charles A. Kamhoua, and Kevin A. Kwiat. 2013. Modeling cooperative, selfish and malicious behaviors for trajectory privacy preservation using bayesian game theory. In Proceeding of the 38th Annual IEEE Conference on Local Computer Networks. Sydney, 835--842.

[49]

Benjamin Johnson, Rainer Bohme, and Jens Grossklags. 2011. Security games with market insurance. In Proceedings of 2nd International Conference on Decision and Game Theory for Security. 117--130.

Digital Library

[50]

Benjamin Johnson, Pascal Schöttle, and Rainer Böhme. 2012. Where to hide the bits? In Proceedings of the Decision and Game Theory for Security, GameSec, Vol. 7638 LNCS. 1--17.

[51]

Daniel Kahneman. 2003. Maps of bounded rationality: Psychology for behavioral economics. Am. Econ. Rev. 93, 5 (Nov. 2003), 1449--1475.

[52]

M. Kaliappan and B. Paramasivan. 2015. Enhancing secure routing in mobile ad hoc networks using a dynamic bayesian signalling game model. Comput. Electr. Eng. 41, 1 (Jan. 2015), 301--313.

Digital Library

[53]

Charles Kamhoua, Andrew Martin, Deepak K. Tosh, Kevin A. Kwiat, Chad Heitzenrater, and Shamik Sengupta. 2015. Cyber-threats information sharing in cloud computing: A game theoretic approach. In Proceedings of the 2015 IEEE 2nd International Conference on Cyber Security and Cloud Computing. IEEE, 382--389.

Digital Library

[54]

Charles A. Kamhoua, A. Ruan, A. Martin, and K. A. Kwiat. 2015. On the feasibility of an open-implementation cloud infrastructure: A game theoretic analysis. In Proceedings of the 2015 IEEE/ACM 8th International Conference on Utility and Cloud Computing (UCC). 217--226.

[55]

Charles A. Kamhoua, Patrick Hurley, Kevin A. Kwiat, and Joon S. Park. 2012a. Resilient voting mechanisms for mission survivability in cyberspace: Combining replication and diversity. Int. J. Netw. Secur. Appl. 4, 4 (Jul. 2012), 1--20.

[56]

Charles A. Kamhoua, Kevin Kwiat, and Joon S. Park. 2012b. A game theoretic approach for modeling optimal data sharing on online social networks. In Proceedings of the 9th International Conference on Electrical Engineering, Computing Science and Automatic Control (CCE). 1--6.

[57]

Charles A. Kamhoua, Kevin A. Kwiat, Mainak Chatterjee, Joon S. Park, and Patrick Hurley. 2013. Survivability in cyberspace using diverse replicas a game theoretic approach. J. Inf. Warfare 12, 2 (Jul. 2013), 27--40.

[58]

Charles A. Kamhoua, Kevin A. Kwiat, and Joon S. Park. 2012c. Surviving in cyberspace: A game theoretic approach. J. Commun. 7, 6 (Jun. 2012), 436--450.

[59]

Charles A. Kamhoua, Luke Kwiat, Kevin A. Kwiat, Joon S. Park, Ming Zhao, and Manuel Rodriguez. 2014. Game theoretic modeling of security and interdependency in a public cloud. In Proceedings of the IEEE 7th International Conference on Cloud Computing. 514--521.

Digital Library

[60]

Charles A. Kamhoua and Niki Pissinou. 2010. Mitigating selfish misbehavior in multi-hop networks using stochastic game theory. In Proceedings of the IEEE Local Computer Network Conference. 232--235.

Digital Library

[61]

Charles A. Kamhoua, Niki Pissinou, Alan Busovaca, and Kia Makki. 2010. Belief-free equilibrium of packet forwarding game in ad hoc networks under imperfect monitoring. In Proceedings of the International Performance Computing and Communications Conference. 315--324.

[62]

Charles A. Kamhoua, Niki Pissinou, and Kia Makki. 2011. Game theoretic modeling and evolution of trust in autonomous multi-hop networks: Application to network security and privacy. In Proceedings of the IEEE International Conference on Communications (ICC). 1--6.

[63]

Charles A. Kamhoua, Niki Pissinou, Kia Makki, Kevin Kwiat, and S. Sitharama Iyengar. 2012. Game theoretic analysis of users and providers behavior in network under scarce resources. In Proceeding of the International Conference on Computing, Networking and Communications (ICNC). 1149--1155.

[64]

Charles A. Kamhoua, Niki Pissinou, and S. Kami Makki. 2010. Game theoretic analysis of cooperation in autonomous multi hop networks: The consequences of unequal traffic load. In Proceedings of the IEEE Globecom Workshops. 1973--1978.

[65]

Charles A. Kamhoua, Manuel Rodriguez, and Kevin A. Kwiat. 2014. Testing for hardware trojans: A game-theoretic approach. In Proceedings of the 5th GameSec (Lecture Notes in Computer Science), Vol. 8840. Cham, 360--369.

[66]

Charles A. Kamhoua, Hong Zhao, Manuel Rodriguez, and Kevin A. Kwiat. 2016. A game-theoretic approach for testing for hardware trojans. IEEE Trans. Multi-Scale Comput. Syst. 2, 3 (Jul. 2016), 199--210.

[67]

Rajgopal Kannan and S. Sitharama Iyengar. 2004. Game-theoretic models for reliable path-length and energy-constrained routing with data aggregation in wireless sensor networks. IEEE J. Select. Areas Commun. 22, 6 (2004), 1141--1150.

Digital Library

[68]

Rajgopal Kannan, Srivatsan Srinivasagopalan, and S. Sitharama Iyengar. 2003. Strategic path reliability in information networks. In Proceedings of the 14th International Conference on Game Theory.

[69]

Murat Kantarcioglu and Wei Jiang. 2013. Incentive compatible privacy-preserving data analysis. IEEE Trans. Knowl. Data Eng. 25, 6 (Jun. 2013), 1323--1335.

Digital Library

[70]

Murat Kantarcioglu and Robert Nix. 2010. Incentive compatible distributed data mining. In Proceedings of the 2010 IEEE 2nd International Conference on Proceeding of Social Computing (SocialCom). 735--742.

Digital Library

[71]

Jonathan Katz. 2008. Bridging game theory and cryptography: Recent results and future directions. In Proceedings of the Theory of Cryptography Conference (TCC), Vol. 4948. 251--272.

Digital Library

[72]

Ad Ker, Patrick Bas, and Rainer Böhme. 2013. Moving steganography and steganalysis from the laboratory into the real world. In Proceedings of the 1st ACM Workshop on Information Hiding and Multimedia Security. 45--58.

Digital Library

[73]

Tanmay Khirwadkar, Kien C. Nguyen, David M. Nicol, and Tamer Basar. 2010. Methodologies for evaluating game theoretic defense against DDoS attacks. In Proceedings of the 2010 Winter Simulation Conference. 697--707.

Digital Library

[74]

Joshua A. Kroll, Ian C. Davey, and Edward W. Felten. 2013. The economics of bitcoin mining, or bitcoin in the presence of adversaries. In Proceedings of the Workshop on the Economics of Information Security. 1--21.

[75]

Sathish Alampalayam Kumar, Tyler Vealey, and Harshit Srivastava. 2016. Security in internet of things: Challenges, solutions and future directions. In Proceedings of the 2016 49th Hawaii International Conference on System Sciences (HICSS). IEEE, 5772--5781.

Digital Library

[76]

Kevin Kwiat, Alan Taylor, William Zwicker, Daniel Hill, Sean Wetzonis, and Shangping Ren. 2010. Analysis of binary voting algorithms for use in fault-tolerant and secure computing. In Proceedings of the International Conference on Computer Engineering and Systems. 269--273.

[77]

Luke Kwiat, Charles A. Kamhoua, Kevin A. Kwiat, Jian Tang, and Andrew Martin. 2015a. Security-aware virtual machine allocation in the cloud: A game theoretic approach. In Proceedings of IEEE Cloud Computing.

Digital Library

[78]

Luke Kwiat, Charles A. Kamhoua, Kevin A. Kwiat, Jian Tang, and Andrew Martin. 2015b. Security-aware virtual machine allocation in the cloud: A game theoretic approach. In Proceedings of the 2015 IEEE 8th International Conference on Cloud Computing. IEEE, 556--563.

Digital Library

[79]

Yuzhe Li, Ling Shi, Peng Cheng, Jiming Chen, and Daniel E. Quevedo. 2013. Jamming attack on cyber-physical systems: A game-theoretic approach. In Proceedings of the IEEE International Conference on Cyber Technology in Automation, Control and Intelligent Systems. 252--257.

[80]

Xiaohui Liang, Xu Li, Tom H. Luan, Rongxing Lu, Xiaodong Lin, and Xuemin Shen. 2012. Morality-driven data forwarding with privacy preservation in mobile social networks. IEEE Tran. Vehic. Technol. 61, 7 (Sep. 2012), 3209--3222.

[81]

Jingqiang Lin, Peng Liu, and Jiwu Jing. 2012. Using signaling games to model the multi-step attack-defense scenarios on confidentiality. In Proceedings of Decision and Game Theory for Security (GameSec), Vol. 7638 LNCS. 118--137.

[82]

Xinxin Liu, Kaikai Liu, Linke Guo, Xiaolin Li, and Yuguang Fang. 2013b. A game-theoretic approach for achieving k-anonymity in location based services. In Proceedings of IEEE INFOCOM. 2985--2993.

[83]

Yuling Liu, Dengguo Feng, Yifeng Lian, Kai Chen, and Yingjun Zhang. 2013a. Optimal defense strategies for DDoS defender using bayesian game model. In Proceedings of Information Security Practice and Experience. 44--59.

[84]

Chris Y. T. Ma, Nageswara S. V. Rao, and David K. Y. Yau. 2011. A game theoretic study of attack and defense in cyber-physical systems. In Proceeding of 2011 IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS). 708--713.

[85]

Chris Y. T. Ma, David K. Y. Yau, Xin Lou, and Nageswara S. V. Rao. 2013b. Markov game analysis for attack-defense of power networks under possible misinformation. IEEE Trans. Power Syst. 28, 2 (May 2013), 1676--1686.

[86]

Chris Y. T. Ma, David K. Y. Yau, and Nageswara S. V. Rao. 2013a. Scalable solutions of markov games for smart-grid infrastructure protection. IEEE Trans. Smart Grid 4, 1 (Mar. 2013), 47--55.

[87]

Zhanshan Sam Ma and Axel W. Krings. 2011. Dynamic hybrid fault modeling and extended evolutionary game theory for reliability, survivability and fault tolerance analyses. IEEE Trans. Reliabil. 60, 1 (Mar. 2011), 180--196.

[88]

George J. Mailath and Larry Samuelson. 2006. Repeated Games and Reputations: Long-Run Relationships.

[89]

Sonia Martinez. 2011. Stackelberg-game analysis of correlated attacks in cyber-physical systems. In Proceedings of the 2011 American Control Conference. 4063--4068.

[90]

Richard D. McKelvey and Thomas R. Palfrey. 2015. Erratum to: Quantal response equilibria for extensive form games (Exp Econ,). (2015).

[91]

Yilin Mo, Tiffany Hyun-Jin Kim, Kenneth Brancik, Dona Dickinson, Heejo Lee, Adrian Perrig, and Bruno Sinopoli. 2012. Cyber physical security of a smart grid infrastructure. Proceedings IEEE 100 100, 1 (Jan 2012), 195--209.

[92]

Noman Mohammed, Benjamin C. M. Fung, and Mourad Debbabi. 2011. Anonymity meets game theory: Secure data integration with malicious participants. Int. J. Very Large Data Bases 20, 4 (Aug. 2011), 567--588.

Digital Library

[93]

Maryam Mohi, Ali Movaghar, and Pooya Moradian Zadeh. 2009. A bayesian game approach for preventing DoS attacks in wireless sensor networks. In Proceedings of the 2009 WRI International Conference on Communications and Mobile Computing. 507--511.

Digital Library

[94]

Roger B. Myerson. 1991. Game Theory: Analysis of conict.

[95]

Satoshi Nakamoto. 2008. Bitcoin: A peer-to-peer electronic cash system. Consulted 1, 2012 (Oct 2008), 28--37.

[96]

Robert Nix and Murat Kantarcioglu. 2012. Contractual agreement design for enforcing honesty in cloud outsourcing. In Proceedings of Decision and Game Theory for Security, Vol. 7638 LNCS. 296--308.

[97]

Robert Nix and Murat Kantarciouglu. 2012. Incentive compatible privacy-preserving distributed classification. IEEE Transactions on Dependable and Secure Computing 9, 4 (May 2012), 451--462.

Digital Library

[98]

Dusit Niyato, Xiao Lu, Ping Wang, Dong In Kim, and Zhu Han. 2016. Economics of internet of things: An information market approach. IEEE Wireless Communications 23, 4 (Aug 2016), 136--145.

Digital Library

[99]

Mehrdad Nojoumian and Douglas R. Stinson. 2012. Socio-rational secret sharing as a new direction in rational cryptography. In Proceedings of Conference on Decision and Game Theory for Security, (GameSec), Vol. 7638 LNCS. 1--37.

[100]

Martin J. Osborne and Ariel Rubinstein. 1994. A Course in Game Theory. MIT press.

[101]

Ranjan Pal, Leana Golubchik, and Konstantinos Psounis. 2011. Aegis a novel cyber-insurance model. In Proceeding of the Second International Conference, GameSec. 131--150.

Digital Library

[102]

Ranjan Pal, Leana Golubchik, Konstantinos Psounis, and Pan Hui. 2014. Will cyber-insurance improve network security? A market analysis. In Proceedings of IEEE INFOCOM 2014. 235--243.

[103]

Ranjan Pal and Pan Hui. 2012. CyberInsurance for cybersecurity a topological take on modulating insurance premiums. ACM SIGMETRICS Performance Evaluation Review 40, 3 (Jan 2012), 86--88.

Digital Library

[104]

Emmanouil Panaousis and Tansu Alpcan. 2014. Secure message delivery games for device-to-device communications. In Proceedings of the Conference on Decision and Game Theory for Security (GameSec). 195--215.

[105]

Emmanouil Panaousis, Eirini Karapistoli, Hadeer Elsemary, Tansu Alpcan, M.H.R. Khuzani, and Anastasios A Economides. 2017. Game theoretic path selection to support security in device-to-device communications. Ad Hoc Networks 56 (2017), 28--42.

Digital Library

[106]

Joon S. Park, Sookyung Kim, Charles A. Kamhoua, and Ke A. Kwiat. 2012a. Optimal state management of data sharing in online social network (OSN) services. In Proceeding of Trust, Security and Privacy in Computing and Communications (TrustCom). 648--655.

Digital Library

[107]

Joon S. Park, Sookyung Kim, Charles A. Kamhoua, and Kevin A. Kwiat. 2012b. Towards trusted data management in online social network (OSN) services. In Proceedings of the IEEE World Congress on Internet Security (WorldCIS’12). 202--203.

[108]

Joon S. Park, Kevin A. Kwiat, Charles A. Kamhoua, Jonathan White, and Sookyung Kim. 2014. Trusted online social network (OSN) services with optimal data management. Computers and Security 42, 1 (May 2014), 116--136.

[109]

Viet Pham, M.H.R. Khouzani, and Carlos Cid. 2014. Optimal contracts for outsourced computation. In Proceedings of Conference on Decison and Game Theory for Security, GameSec. 79--98.

[110]

Sören Preibusch and Joseph Bonneau. 2010. The password game: Negative externalities from weak password practices. In Proceedings of Conference on Decison and Game Theory for Security, GameSec, Vol. 6442 LNCS. 192--207.

Digital Library

[111]

Antonino Rullo, Daniele Midi, Edoardo Serra, and Elisa Bertino. 2016. Strategic security resource allocation for internet of things. In Proceedings of the 2016 IEEE 36th International Conference on Distributed Computing Systems (ICDCS). IEEE, 737--738.

[112]

Walid Saad, Zhu Han, Tamer Basar, Merouane Debbah, and Are Hjorungnes. 2009. Physical layer security: Coalitional games for distributed cooperation. In Proceeding of the 7th International Symposium on Modeling and Optimization in Mobile, Ad Hoc, and Wireless Networks. 1--8.

Digital Library

[113]

Pascal Schottle, Aron Laszka, Benjamin Johnson, Jens Grossklags, and Rainer Bohme. 2013. A game-theoretic analysis of content-adaptive steganography with independent embedding. In Proceedings of the 21st European Signal Processing Conference (EUSIPCO). Marrakech, 1--5.

[114]

Dan Shen, Genshe Chen, Erik Blasch, and George Tadda. 2007a. Adaptive markov game theoretic data fusion approach for cyber network defense. In Proceeding of IEEE Military Communications Conference (MILCOM). 1--7.

[115]

Dan Shen, Genshe Chen, Jose B. Cruz, Jr., Leonard Haynes, Martin Kruger, and Erik Blasch. 2007b. A markov game theoretic data fusion approach for cyber situational awareness. In Proceeding of SPIE Defense+ Security, Vol. 3. 65710F--65710F.

[116]

Shigen Shen, Risheng Han, Lizheng Guo, Wei Li, and Qiying Cao. 2012. Survivability evaluation towards attacked WSNs based on stochastic game and continuous-time Markov chain. Applied Soft Computing Journal 12 (May 2012), 1467--1476.

Digital Library

[117]

Smitha Shivshankar and Abbas Jamalipour. 2014. An evolutionary game theory based approach for cooperation in VANETs under different network conditions. IEEE Transactions on Vehicular Technology PP, 99 (Jul 2014), 1--8.

[118]

Reza Shokri, George Theodorakopoulos, Carmela Troncoso, Jean-Pierre Hubaux, and Jean-Yves Le Boudec. 2012. Protecting location privacy. In Proceedings of the 2012 ACM Conference on Computer and Communications Security. 617--627.

Digital Library

[119]

Yasser Shoukry, Jose Araujo, Paulo Tabuada, Mani Srivastava, and Karl H. Johansson. 2013. Minimax control for cyber-physical systems under network packet scheduling attacks. In Proceedings of the 2nd ACM International Conference on High Confidence Networked Systems. 93--100.

Digital Library

[120]

Theodoros Spyridopoulos, G. Karanikas, Theodore Tryfonas, and Georgios Oikonomou. 2013. A game theoretic defence framework against DoS/DDoS cyber attacks. Computers 8 Security 38 (Oct 2013), 39--50.

Digital Library

[121]

Vikram Srinivasan, Pavan Nuggehalli, Carla-Fabiana Chiasserini, and Ramesh R. Rao. 2003. Cooperation in wireless ad hoc networks. In Proceedings of INFOCOM, Vol. 2. IEEE, 808--817.

[122]

Vivek Srivastava and Luiz DaSilva. 2006. Equilibria for node participation in Ad Hoc networks - An imperfect monitoring approach. In Proceedings of IEEE International Conference on Communications. 3850--3855.

[123]

Vivek Srivastava, James Neel, A. B. Mackenzie, Rekha Menon, L. A. Dasilva, J. E. Hicks, J. H. Reed, and R. P. Gilles. 2005. Using game theory to analyze wireless ad hoc networks. IEEE Commun. SurvTutor. 7, 4 (Jan 2005), 46--56.

Digital Library

[124]

Surendran Subbaraj and Prakash Sabarimuthu. 2014. EigenTrust-based non-cooperative game model assisting ACO look-ahead secure routing against selfishness. EURASIP J. Wireless Commun. Netw. 78, 1 (May 2014), 1--20.

[125]

Latanya Sweeney. 2002. k-anonymity: A model for protecting privacy. Int. J. Uncert. Fuzz. Knowl.-Based Syst. 10, 5 (Oct. 2002), 557--570.

Digital Library

[126]

Symantec. 2014. Internet Security Threats Report. Technical Report. Symantec. Retrieved from http://www.symantec.com/threatreport/.

[127]

Sapon Tanachaiwiwat, Pinalkumar Dave, Rohan Bhindwale, and Ahmed Helmy. 2004. Location-centric isolation of misbehavior and trust routing in energy-constrained sensor networks. In Proceeding of IEEE International Conference on Performance, Computing, and Communications. 463--469.

[128]

Deepak Tosh, Shamik Sengupta, Charles A. Kamhoua, Kevin Kwiat, and Andrew Martin. 2015a. An evolutionary game-theoretic framework for cyber-threat information sharing. In Proceeding of IEEE International Conference on Communications.

[129]

Deepak Tosh, Shamik Sengupta, Charles A. Kamhoua, and Kevin A. Kwiat. 2017. Establishing evolutionary game models for CYBer security information EXchange (CYBEX). J. Comput. System Sci. (Accepted Oct. 2017).

[130]

Deepak K. Tosh, Matthew Molloy, Shamik Sengupta, Charles A. Kamhoua, and Kevin A. Kwiat. 2015. Cyber-investment and cyber-information exchange decision modeling. In Proceedings of the 2015 IEEE 7th International Symposium on Cyberspace Safety and Security. IEEE, 1219--1224.

Digital Library

[131]

Deepak K. Tosh, Shamik Sengupta, Sankar Mukhopadhyay, Charles A. Kamhoua, and Kevin A. Kwiat. 2015b. Game theoretic modeling to enforce security information sharing among firms. In Proceedings of the 2015 IEEE 2nd International Conference on Cyber Security and Cloud Computing. IEEE, 7--12.

Digital Library

[132]

Marie Vasek and Tyler Moore. 2014. Game-theoretic analysis of DDoS attacks against bitcoin mining pools. In Financial Cryptography and Data Security. 72--86.

[133]

Walid Saad, Anibal Sanjab, Yunpeng Wang, Charles A. Kamhoua, and Kevin Kwiat. 2017. Hardware trojan detection game: A prospect-theoretic approach. IEEE Trans. Vehic. Technol. (2017).

[134]

John Ross Wallrabenstein and Chris Clifton. 2013. For rational multiparty computation. In Proceeding of Decison and Game Theory for Security (GameSec). 226--245.

Digital Library

[135]

John Ross Wallrabenstein and Chris Clifton. 2014. Realizable rational multiparty cryptographic protocols. In Proceedings of Conference on Decison and Game Theory for Security (GameSec), Vol. 2014. 134--154.

[136]

Kun Wang, Miao Du, Dejun Yang, Chunsheng Zhu, Jian Shen, and Yan Zhang. 2016. Game-theory-based active defense for intrusion detection in cyber-physical embedded systems. ACM Trans. Embed. Comput. Syst. 16, 1 (Oct. 2016), 1--21.

Digital Library

[137]

Wenjing Wang, Mainak Chatterjee, and Kevin A. Kwiat. 2009. Coexistence with malicious nodes: A game theoretic approach. In Proceedings of the 2009 International Conference on Game Theory for Networks (GameNets). 277--286.

Digital Library

[138]

Wenbo Wang, Andres Kwasinski, and Zhu Han. 2014. A routing game in cognitive radio networks against routing-toward-primary-user attacks. In Proceeding of IEEE Wireless Communications and Networking Conference (WCNC), Vol. 3. 2510--2515.

[139]

Yufeng Wang, Akihiro Nakao, Athanasios V. Vasilakos, and Jianhua Ma. 2011. P2P soft security: On evolutionary dynamics of P2P incentive mechanism. Comput. Commun. 34, 3 (2011), 241--249.

Digital Library

[140]

Jonathan White, Joon S. Park, Charles A. Kamhoua, and Kevin A. Kwiat. 2013. Game theoretic attack analysis in online social network (OSN) services. In Proceedings of the IEEE/ACM International Conference on Advances in Social Networks Analysis and Mining. Best Paper Award, 1012--1019.

Digital Library

[141]

Jonathan White, Joon S. Park, Charles A. Kamhoua, and Kevin A. Kwiat. 2014. Social network attack simulation with honeytokens. Soc. Netw. Anal. Min. 4, 1 (Jul. 2014), 1--14.

[142]

Qishi Wu, Sajjan Shiva, Sankardas Roy, Charles Ellis, and Vivek Datla. 2010. On modeling and simulation of game theory-based defense mechanisms against DoS and DDoS attacks. In Proceedings of the Spring Simulation Multiconference. 1--8.

Digital Library

[143]

Yong Xiao, Dusit Niyato, Kwang-Cheng Chen, and Zhu Han. 2016. Enhance device-to-device communication with social awareness: A belief-based stable marriage game framework. IEEE Wireless Commun. 23, 4 (Aug 2016), 36--44.

Digital Library

[144]

Guanhua Yan, Ritchie Lee, Alex Kent, and David Wolpert. 2012. Towards a bayesian network game framework for evaluating DDoS attacks and defense. In Proceedings of the 2012 ACM Conference on Computer and Communications Security (CCS’12). 553--566.

Digital Library

[145]

Qing Yang, Kejie Lu, Vincenzo Mancuso, and Chan-Hyun Youn. 2016. Device-to-device communications with social awareness. IEEE Wireless Commun. 23, 4 (Aug. 2016), 10--11.

Digital Library

[146]

Rong Yang, Christopher Kiekintveld, Fernando Ordóñez, Milind Tambe, and Richard John. 2013. Improving resource allocation strategies against human adversaries in security games: An extended study. Artif. Intell. 195 (2013), 440--469.

Digital Library

[147]

Zichao Yang and John C. S. Lui. 2012. Security adoption in heterogeneous networks: The influence of cyber-insurance market. In 11th International IFIP TC 6 Networking Conference. 172--183.

Digital Library

[148]

S. T. Zargar, James Joshi, and David Tipper. 2013. A survey of defense mechanisms against distributed denial of service (DDoS) flooding attacks. IEEE Commun. Surv. Tutor. 15, 4 (Mar. 2013), 2046--2069.

[149]

Zhifang Zhang and Mulan Liu. 2011. Unconditionally secure rational secret sharing in standard communication networks. In Proceedings of Information Security and Cryptology-ICISC, Vol. 6829 LNCS. 355--369.

Digital Library

[150]

H. Vicky Zhao, W. Sabrina Lin, and K. J. Ray Liu. 2012. Cooperation and coalition in multimedia fingerprinting colluder social networks. IEEE Trans. Multimedia 14, 3 (Jun. 2012), 717--733.

Digital Library

[151]

Sheng Zhong, Jiang Chen, and Yang Richard Yang. 2003. Sprite: A simple, cheat-proof, credit-based system for mobile ad-hoc networks. In Proceedings of IEEE INFOCOM, Vol. 3. 1987--1997.

[152]

Jie Zhou and Jiannong Cao. 2012. OSR: Optimal and secure routing protocol in multi-hop wireless networks. In Proceeding of 32nd International Conference on Distributed Computing Systems Workshops. 187--193.

Digital Library

[153]

Quanyan Zhu and Tamer Basar. 2011. Robust and resilient control design for cyber-physical systems with an application to power systems. In Proceedings of IEEE Conference on Decision and Control and European Control Conference. 4066--4071.

[154]

Quanyan Zhu and Tamer Basar. 2012. A dynamic game-theoretic approach to resilient control system design for cascading failures. In Proceedings of the 1st International Conference on High Confidence Networked Systems. 41--46.

Digital Library

[155]

Quanyan Zhu, Ju Bin Song, and Tamer Basar. 2011. Dynamic secure routing game in distributed cognitive radio networks. In Proceeding of IEEE Global Telecommunications Conference (GLOBECOM’11). 1--6.

[156]

Saman Zonouz and Parisa Haghani. 2013. Cyber-physical security metric inference in smart grid critical infrastructures based on system administrators’ responsive behavior. Comput. Secur. 39 (Nov. 2013), 190--200.

Digital Library

Cited By

Li NZhang MLi JAdepu SKang EJin Z(2024)A Game-Theoretical Self-Adaptation Framework for Securing Software-Intensive SystemsACM Transactions on Autonomous and Adaptive Systems10.1145/365294919:2(1-49)Online publication date: 20-Apr-2024
https://dl.acm.org/doi/10.1145/3652949
Zhang YChen DJajodia SPugliese ASubrahmanian VXiong Y(2024)GAIT: A Game-Theoretic Defense Against Intellectual Property TheftIEEE Transactions on Dependable and Secure Computing10.1109/TDSC.2023.329922521:4(1967-1980)Online publication date: 1-Jul-2024
https://dl.acm.org/doi/10.1109/TDSC.2023.3299225
Zhao YChen JZhu Q(2024)Integrated Cyber-Physical Resiliency for Power Grids Under IoT-Enabled Dynamic Botnet AttacksIEEE Transactions on Control Systems Technology10.1109/TCST.2024.337899332:5(1755-1769)Online publication date: Sep-2024
https://doi.org/10.1109/TCST.2024.3378993
Show More Cited By

Index Terms

Game Theory for Cyber Security and Privacy
1. Security and privacy

Recommendations

Game theory meets network security and privacy

This survey provides a structured and comprehensive overview of research on security and privacy in computer and communication networks that use game-theoretic approaches. We present a selected set of works to highlight the application of game theory in ...
Privacy consensus in anonymization systems via game theory
DBSec'12: Proceedings of the 26th Annual IFIP WG 11.3 conference on Data and Applications Security and Privacy

Privacy protection appears as a fundamental concern when personal data is collected, stored, and published. Several anonymization methods have been proposed to address privacy issues in private datasets. Every anonymization method has at least one ...
The Functionality-Security-Privacy Game
MDAI '09: Proceedings of the 6th International Conference on Modeling Decisions for Artificial Intelligence

Privacy preservation in the information society is in many respects parallel to environment preservation in the physical world. In this way, "green ICT services" are those achieving functionality and security with minimum invasion of the privacy of ...

Comments

Information & Contributors

Information

Published In

cover image ACM Computing Surveys

ACM Computing Surveys Volume 50, Issue 2

March 2018

567 pages

ISSN:0360-0300

EISSN:1557-7341

DOI:10.1145/3071073

Editor:
Sartaj Sahni
Department of Computer and Information Science and Engineering / University of Florida / Gainesville, FL 32611

Issue’s Table of Contents

Copyright © 2017 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 10 May 2017

Accepted: 01 February 2017

Revised: 01 January 2017

Received: 01 August 2015

Published in CSUR Volume 50, Issue 2

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Survey
Research
Refereed

Funding Sources

Ministry of Education
Basic Science Research Program through National Research Foundation of Korea (NRF)
AFOSR DDDAS program
Distribution Unlimited

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

160
Total Citations
View Citations
5,758
Total Downloads

Downloads (Last 12 months)526
Downloads (Last 6 weeks)55

Reflects downloads up to 04 Oct 2024

Other Metrics

View Author Metrics

Citations

Cited By

Li NZhang MLi JAdepu SKang EJin Z(2024)A Game-Theoretical Self-Adaptation Framework for Securing Software-Intensive SystemsACM Transactions on Autonomous and Adaptive Systems10.1145/365294919:2(1-49)Online publication date: 20-Apr-2024
https://dl.acm.org/doi/10.1145/3652949
Zhang YChen DJajodia SPugliese ASubrahmanian VXiong Y(2024)GAIT: A Game-Theoretic Defense Against Intellectual Property TheftIEEE Transactions on Dependable and Secure Computing10.1109/TDSC.2023.329922521:4(1967-1980)Online publication date: 1-Jul-2024
https://dl.acm.org/doi/10.1109/TDSC.2023.3299225
Zhao YChen JZhu Q(2024)Integrated Cyber-Physical Resiliency for Power Grids Under IoT-Enabled Dynamic Botnet AttacksIEEE Transactions on Control Systems Technology10.1109/TCST.2024.337899332:5(1755-1769)Online publication date: Sep-2024
https://doi.org/10.1109/TCST.2024.3378993
Fedorchenko EKotenko IGiven BLi Y(2024)Application of the Hypergame Theory to Security Analysis and Decision Support for Security Incident Response2024 XXVII International Conference on Soft Computing and Measurements (SCM)10.1109/SCM62608.2024.10554173(254-257)Online publication date: 22-May-2024
https://doi.org/10.1109/SCM62608.2024.10554173
Verma RKoul SAjaygopal KSingh S(2024)Exploring Game Theoretic Applications in Cyber Security2024 International Conference on Intelligent Systems for Cybersecurity (ISCS)10.1109/ISCS61804.2024.10581244(1-6)Online publication date: 3-May-2024
https://doi.org/10.1109/ISCS61804.2024.10581244
Haighton DLeblanc S(2024)Game Theory Applied to Deception in Network Security2024 International Conference on Computing, Internet of Things and Microwave Systems (ICCIMS)10.1109/ICCIMS61672.2024.10690784(1-5)Online publication date: 29-Jul-2024
https://doi.org/10.1109/ICCIMS61672.2024.10690784
Mann Z(2024)Urgency in Cybersecurity Risk Management: Toward a Solid Theory2024 IEEE 37th Computer Security Foundations Symposium (CSF)10.1109/CSF61375.2024.00051(651-664)Online publication date: 8-Jul-2024
https://doi.org/10.1109/CSF61375.2024.00051
Xiao SHu JZhang L(2024)A multi-step attack path prediction method for oil & gas intelligence pipeline cyber physics system based on CPNEProcess Safety and Environmental Protection10.1016/j.psep.2024.03.106185(1303-1318)Online publication date: May-2024
https://doi.org/10.1016/j.psep.2024.03.106
Aljaradat ASarkar GShukla S(2024)Modelling cybersecurity impacts on digital payment adoption: A game theoretic approachJournal of Economic Criminology10.1016/j.jeconc.2024.1000895(100089)Online publication date: Sep-2024
https://doi.org/10.1016/j.jeconc.2024.100089
Yao PWang XZhang ZYan BYang QWang W(2024)Statistical knowledge and game-theoretic integrated model for cross-layer impact assessment in industrial cyber-physical systemsAdvanced Engineering Informatics10.1016/j.aei.2023.10233859(102338)Online publication date: Jan-2024
https://doi.org/10.1016/j.aei.2023.102338
Show More Cited By

View Options

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Article

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Issue’s Table of Contents