Blue versus Red: Towards a Model of Distributed Security Attacks

Abstract. This paper analyzes the threat of distributed attacks by developing a two-sided multiplayer model of security in which attackers aim to deny service and defenders strategize to secure their assets. Attackers benefit from the successful compromise of target systems; however, they may suffer penalties for increased attack activity. Defenders weigh the likelihood of an attack against the cost of security. We model security decision-making in established (e.g., weakest-link, best-shot) and novel games (e.g., weakest target), and allow defense expenditures in protection and self-insurance technologies. We find that strategic attackers launch attacks only if defenders do not invest in protective measures. Therefore, the threat of protection can be enough to deter an attacker, but as the number of attackers grows, this equilibrium becomes increasingly unstable.

Key words: Game Theory, Economics of Security, Distributed Denial of Service Attacks, Botnets
Neal Fultz, Jens Grossklags
Added 26 May 2010
Updated 26 May 2010
Type Conference
Year 2009
Where FC
Authors Neal Fultz, Jens Grossklags