TY - GEN
T1 - Security investment under cognitive constraints
T2 - 52nd Annual Conference on Information Sciences and Systems, CISS 2018
AU - Chen, Juntao
AU - Zhu, Quanyan
N1 - Publisher Copyright:
© 2018 IEEE.
PY - 2018/5/21
Y1 - 2018/5/21
N2 - With the increasing connectivity enabled by the Internet of Things (IoT), security becomes a critical concern, and the users should invest to secure their IoT applications. Due to the massive devices in the IoT network, users cannot be aware of the security policies taken by all its connected neighbors. Instead, a user makes security decisions based on the cyber risks he perceives by observing a selected number of nodes. To this end, we propose a model which incorporates the limited attention or bounded rationality nature of players in the IoT. Specifically, each individual builds a sparse cognitive network which includes the users to respond to. Based on this simplified cognitive network representation, each user then determines his security investment policy by minimizing his own real-world security cost. The bounded rational decision-makings of players and their cognitive network formations are interdependent, and thus should be addressed in a holistic manner. We propose a Gestalt Nash equilibrium (GNE) solution concept to characterize the decisions of agents. Then, we design a proximal-based iterative algorithm to compute the GNE and show its convergence. With case studies to smart home communities, the designed algorithm can successfully identify the critical users whose decisions need to be taken into account by the other users during the security investment.
AB - With the increasing connectivity enabled by the Internet of Things (IoT), security becomes a critical concern, and the users should invest to secure their IoT applications. Due to the massive devices in the IoT network, users cannot be aware of the security policies taken by all its connected neighbors. Instead, a user makes security decisions based on the cyber risks he perceives by observing a selected number of nodes. To this end, we propose a model which incorporates the limited attention or bounded rationality nature of players in the IoT. Specifically, each individual builds a sparse cognitive network which includes the users to respond to. Based on this simplified cognitive network representation, each user then determines his security investment policy by minimizing his own real-world security cost. The bounded rational decision-makings of players and their cognitive network formations are interdependent, and thus should be addressed in a holistic manner. We propose a Gestalt Nash equilibrium (GNE) solution concept to characterize the decisions of agents. Then, we design a proximal-based iterative algorithm to compute the GNE and show its convergence. With case studies to smart home communities, the designed algorithm can successfully identify the critical users whose decisions need to be taken into account by the other users during the security investment.
KW - Cognitive Network
KW - Gestalt Nash Equilibrium
KW - Internet of Things
KW - Security Investment
UR - http://www.scopus.com/inward/record.url?scp=85048538085&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85048538085&partnerID=8YFLogxK
U2 - 10.1109/CISS.2018.8362263
DO - 10.1109/CISS.2018.8362263
M3 - Conference contribution
AN - SCOPUS:85048538085
T3 - 2018 52nd Annual Conference on Information Sciences and Systems, CISS 2018
SP - 1
EP - 6
BT - 2018 52nd Annual Conference on Information Sciences and Systems, CISS 2018
PB - Institute of Electrical and Electronics Engineers Inc.
Y2 - 21 March 2018 through 23 March 2018
ER -