Dynamic Systems Approach to Analyzing Event Risks and Behavioral Risks with Game Theory

Author

Boehmer, Wolfgang

Author_Institution

Tech. Univ. Darmstadt, Darmstadt, Germany

fYear

2011

fDate

9-11 Oct. 2011

Firstpage

1231

Lastpage

1238

Abstract

In the development of individual security concepts, risk-based information security management systems (ISMS)according to ISO 27001 have established themselves in addition to policies in the field of IT infrastructures. Particularly in the field of critical infrastructures, however, it has been shown that despite functioning security concepts, the Stuxnet virus was able to spread through industrial systems (infection). Nevertheless - the existing security concepts are not useless, but rarely take effect in behavioral risk. In this paper, we use the Trust/Investor game of the Game Theory to analyze the infection path. In general, the infection path is one game in a complex multi layer game. As a result, based on a Nash equilibrium, a cooperative solution is proposed to arm the existing IT security concepts against such infections.

Keywords

computer viruses; game theory; information systems; risk analysis; ISMS; IT infrastructures; Nash equilibrium; Stuxnet virus; behavioral risks; dynamic systems approach; event risks analysis; game theory; risk based information security management systems; Game theory; Games; Power generation; Random variables; SCADA systems; Security; Software; Event risks; behavioral risks; hybrid risks; trust/investor game;

fLanguage

English

Publisher

ieee

Conference_Titel

Privacy, Security, Risk and Trust (PASSAT) and 2011 IEEE Third Inernational Conference on Social Computing (SocialCom), 2011 IEEE Third International Conference on

Conference_Location

Boston, MA

Print_ISBN

978-1-4577-1931-8

Type

conf

DOI

10.1109/PASSAT/SocialCom.2011.228

Filename

6113287