This paper presents Elevation of Privilege, a game designed to draw people who are not security practitioners into the craft of threat modeling. The game uses a variety of techniques to do so in an enticing, supportive and non-threatening way. The subject of security tools for software engineering has not generally been studied carefully. This paper shares the objectives and design of the game,...

There has been significant recent interest in game theoretic approaches to security, with much of the recent research focused on utilizing the leader-follower Stackelberg game model; for example, these games are at the heart of major applications such as the ARMOR program deployed for security at the LAX airport since 2007 and the IRIS program in use by the US Federal Air Marshals (FAMS). The f...

Although many of the concepts included in cyber security awareness training are universal, such training often must be tailored to address the policies and requirements of a particular organization. In addition, many forms of training fail because they are rote and do not require users to think about and apply security concepts. A flexible, highly interactive video game, CyberCIEGE, is describe...

The emergence of online games has fundamentally changed security requirements for computer games, which previously were largely concerned with copy protection. In this paper, we examine how new security requirements impact the design of online games by using online Bridge, a simple client-server game, as our case study. We argue that security is emerging as an inherent design issue for online g...

Security is one of the main concerns in current telecommunication networks: the service providers and individual users have to protect themselves against attacks, and to this end a careful analysis of their optimal strategies is of essential importance. Indeed, attackers and defenders are typically agents trying strategically to design the most important damages and the most secure use of the r...

Abstract Based on the discussion of related concepts and technical theories, information security resource allocation influencing factors index system is constructed from four aspects: resources, threat sources, vulnerabilities measures. With further analysis their affecting mechanisms, basic theoretical framework established based evolutionary game. Under this framework, subject relationship i...