Game theory has been successfully used to handle complex resource allocation and patrolling problems in security and sustainability domains. More specifically, real-world applications have been deployed for different domains based on the framework of security games, where the defender (e.g., security agency) has a limited number of resources to protect a set of targets from an adversary (e.g., ...

We introduce a game-theoretic framework to compute optimal and strategic security investments by multiple defenders. Each defender is responsible for the security of multiple assets, with the interdependencies between the assets captured by an interdependency graph. We formulate the problem of computing the optimal defense allocation by a single defender as a convex optimization problem, and es...

We aim to advance the understanding of individual security decision-making, by combining formal and behavioral analysis. We sketch a game-theoretic model of security decision-making that generalizes the “weakest link” game, and describe a controlled laboratory experiment to reveal differences between predicted and observed user behavior. Results of a pilot study yield possible explanations for ...

We develop a game-based protocol semantics, by modeling protocols as concurrent game structures. To be precise, we take protocol specifications from the Cremers–Mauw protocol semantics, and interpret such protocol specifications in concurrent game structures instead of in labeled transition systems. This allows us to define security properties on Cremers–Mauw protocol specifications in logics o...

It has been repeatedly pointed out that security problems in multi-agent systems are a manifestation of improper economic incentives provided for agents through mechanisms that are supposed to provide such incentives. This paper provides initial insight on how economics tools of utility theory and welfare economics may be used to analyze the behaviors of economic agents with respect to security...

We introduce a Security Game with a single static guard that is supported by a number of spatially imperfect alarms. We model this setting with two non–cooperative games modeling two different strategic interactions between a Defender and an Attacker. In the first one the Defender has to respond to an activated alarm given its current position (Alarm–Response Game). In the second one, the Defen...

The Security Protocol Game is a highly visual and interactive game for teaching secure data communication protocols. Students use the game to simulate protocols and explore possible attacks against them. The power of the game lies in the representation of secret and public key cryptography. Specifically, the game provides representations for plain text and encrypted messages, message digests, d...

Hands-on cyber security training is generally accepted as an enjoyable and effective way of developing and practising skills that complement the knowledge gained by traditional education. At the same time, experience from organizing and participating in these events show that there is still room for making a larger impact on the learners, and providing more engaging and beneficial learning. In ...

We introduce a condition, uniform payoff security, for games with separable metric strategy spaces and payoffs bounded and measurable in players’ strategies. We show that if any such metric game G is uniformly payoff secure, then its mixed extension G is payoff secure. We also establish that if a uniformly payoff secure metric game G has compact strategy spaces, and if its mixed extension G has...

The Completely Automated Public Turing test to tell Computers and Humans Apart (CAPTCHA) has been widely used as a technique that will allow a machine to distinguish between input from a human and that of another machine. The security of current CAPTCHA methods is not sufficient to protect against advanced modern malware. This paper focuses on applying gamification, the use of game elements in ...