Ad-hoc security mechanisms are effective in solving the particular problems they are designed for, however, they generally fail to respond appropriately under dynamically changing real world scenarios. We discuss a novel holistic security approach which aims at providing security using a quantitative decision making framework inspired by game theory. We consider the interaction between the atta...

Given the global challenges of security, both in physical and cyber worlds, security agencies must optimize the use of their limited resources. To that end, many security agencies have begun to use "security game" algorithms, which optimally plan defender allocations, using models of adversary behavior that have originated in behavioral game theory. To advance our understanding of adversary beh...

Given the global challenges of security, both in physical and cyber worlds, security agencies must optimize the use of their limited resources. To that end, many security agencies have begun to use "security game" algorithms, which optimally plan defender allocations, using models of adversary behavior that have originated in behavioral game theory. To advance our understanding of adversary beh...

This paper describes a computer simulation game being developed to teach computer security principles. The player of the game constructs computer networks and makes choices affecting the ability of these networks and the game’s virtual users to protect valuable assets from attack by both vandals and well-motivated professionals. The game introduces the player to the need for well formed informa...

Recently, game theory has been shown to be useful for reasoning about real-world security settings where security forces must protect critical assets from potential adversaries. In fact, there have been a number of deployed real-world applications of game theory for security (e.g., ARMOR at Los Angeles International Airport and IRIS for the Federal Air Marshals Service). Here, the objective is ...

Advances in computational game theory have led to several successfully deployed applications in security domains. These gametheoretic approaches and security applications learn game payoff values or adversary behaviors from annotated input data provided by domain experts and practitioners in the field, or collected through experiments with human subjects. Beyond these traditional methods, unman...

Game-playing is an approach to write security proofs that are easy to verify. In this approach, security definitions and intractable problems are written as programs called games and reductionist security proofs are sequences of game transformations. This bias towards programming languages suggests the implementation of a tool based on compiler techniques (syntactic program transformations) to ...

The contents access and sharing in multimedia social networks (MSNs) mainly rely on access control models and mechanisms. Simple adoptions of security policies in the traditional access control model cannot effectively establish a trust relationship among parties. This paper proposed a novel two-party trust architecture (TPTA) to apply in a generic MSN scenario. According to the architecture, s...

Security is a world-wide concern in a diverse set of settings, such as protecting ports, airport and other critical infrastructures, interdicting the illegal flow of drugs, weapons and money, preventing illegal poaching/hunting of endangered species and fish, suppressing crime in urban areas and securing cyberspace. Unfortunately, with limited security resources, not all the potential targets c...

This paper explores the idea that IT security risk assessment can be formalized as an argumentation game in which assessors argue about how the system can be attacked by a threat agent and defended by the assessors. A system architecture plus assumptions about the environment is specified as an ASPIC argumentation theory, and an argument game is defined for exchanging arguments between assessor...