201 research outputs found
On the Role of Risk Perceptions in Cyber Insurance Contracts
Risk perceptions are essential in cyber insurance contracts. With the recent
surge of information, human risk perceptions are exposed to the influences from
both beneficial knowledge and fake news. In this paper, we study the role of
the risk perceptions of the insurer and the user in cyber insurance contracts.
We formulate the cyber insurance problem into a principal-agent problem where
the insurer designs the contract containing a premium payment and a coverage
plan. The risk perceptions of the insurer and the user are captured by coherent
risk measures. Our framework extends the cyber insurance problem containing a
risk-neutral insurer and a possibly risk-averse user, which is often considered
in the literature. The explicit characterizations of both the insurer's and the
user's risk perceptions allow us to show that cyber insurance has the potential
to incentivize the user to invest more on system protection. This possibility
to increase cyber security relies on the facts that the insurer is more
risk-averse than the user (in a minimization setting) and that the insurer's
risk perception is more sensitive to the changes in the user's actions than the
user himself. We investigate the properties of feasible contracts in a case
study on the insurance of a computer system against ransomware.Comment: 6 pages, 3 figure
Cyber Insurance for Cyber Resilience
Cyber insurance is a complementary mechanism to further reduce the financial
impact on the systems after their effort in defending against cyber attacks and
implementing resilience mechanism to maintain the system-level operator even
though the attacker is already in the system. This chapter presents a review of
the quantitative cyber insurance design framework that takes into account the
incentives as well as the perceptual aspects of multiple parties. The design
framework builds on the correlation between state-of-the-art attacker vectors
and defense mechanisms. In particular, we propose the notion of residual risks
to characterize the goal of cyber insurance design. By elaborating the
insurer's observations necessary for the modeling of the cyber insurance
contract, we make comparison between the design strategies of the insurer under
scenarios with different monitoring rules. These distinct but practical
scenarios give rise to the concept of the intensity of the moral hazard issue.
Using the modern techniques in quantifying the risk preferences of individuals,
we link the economic impacts of perception manipulation with moral hazard. With
the joint design of cyber insurance design and risk perceptions, cyber
resilience can be enhanced under mild assumptions on the monitoring of
insurees' actions. Finally, we discuss possible extensions on the cyber
insurance design framework to more sophisticated settings and the regulations
to strengthen the cyber insurance markets
Communication-Efficient Distributed Machine Learning over Strategic Networks: A Two-Layer Game Approach
This paper considers a game-theoretic framework for distributed learning
problems over networks where communications between nodes are costly. In the
proposed game, players decide both the learning parameters and the network
structure for communications. The Nash equilibrium characterizes the tradeoff
between the local performance and the global agreement of the learned
classifiers. We introduce a two-layer algorithm to find the equilibrium. The
algorithm features a joint learning process that integrates the iterative
learning at each node and the network formation. We show that our game is
equivalent to a generalized potential game in the setting of symmetric
networks. We study the convergence of the proposed algorithm, analyze the
network structures determined by our game, and show the improvement of the
social welfare in comparison with the distributed learning over non-strategic
networks. In the case study, we deal with streaming data and use telemonitoring
of Parkinson's disease to corroborate the results.Comment: 20 pages, 9 figure
- …