Đang chuẩn bị liên kết để tải về tài liệu:
How Bad are Selfish Investments in Network Security?

Đang chuẩn bị nút TẢI XUỐNG, xin hãy chờ

There are presently two ways that BACnet can be “spoken” over the public network, and these two methods are prescribed in the BACnet standard in Annex H and Annex J (BACnet/IP). For Annex H communication, a BACnet message destined for a remote BACnet network that must traverse a public network is sent by a tunneling mechanism. A device called a “BACnet/Internet Protocol Packet-Assembler-Disassembler” (B/IP PAD) exists on both networks, keeps track of all other B/IP PADs, and inspects the destination network (DNET) field of packets to see if they are destined for a remote network. If so, the B/IP. | 1 How Bad are Selfish Investments in Network Security Libin Jiang Venkat Anantharam and Jean Walrand EECS Department University of California Berkeley ljiang ananth wlr @eecs.berkeley.edu Abstract Internet security does not only depend on the security-related investments of individual users but also on how these users affect each other. In a non-cooperative environment each user chooses a level of investment to minimize his own security risk plus the cost of investment. Not surprisingly this selfish behavior often results in undesirable security degradation of the overall system. In this paper 1 we first characterize the price of anarchy POA of network security under two models an Effective-investment model and a Bad-traffic model. We give insight on how the POA depends on the network topology individual users cost functions and their mutual influence. We also introduce the concept of weighted POA to bound the region of all feasible payoffs. 2 In a repeated game on the other hand users have more incentive to cooperate for their long term interests. We consider the socially best outcome that can be supported by the repeated game and give a ratio between this outcome and the social optimum. 3 Next we compare the benefits of improving security technology or improving incentives and show that improving technology alone may not offset the efficiency loss due to the lack of incentives. 4 Finally we characterize the performance of correlated equilibrium CE in the security game. Although the paper focuses on Internet security many results are generally applicable to games with positive externalities. Index Terms Internet security game theory price of anarchy repeated game correlated equilibrium positive externality I. INTRODUCTION Security in a communication network depends not only on the security investment made by individual users but also on the interdependency among them. If a careless user puts in little effort in protecting his computer system then it is easy for .