Teoriogrowe modele bezpieczeństwa narodowego – podstawowe zagadnienia i przykłady

The article is a brief introduction to the use of game theory models in studies of national security. It is divided into four parts. The first part discusses basic theoretical issues, i.e. the division of game theory into analytical and behavioural, the concept of the rationality of players, the assumption that the rationality of players is common knowledge, the Nash equilibrium, Pareto efficiency and the classification of games. The second part briefly describes the evolution of game theory analyses in national security. Attention is drawn to the relationship between the development of game theory and military requirements. The third part provides an example of how game theory models can be used in national security studies. Trade relations, which adopt the schema of interactions of the prisoner’s dilemma, are discussed in detail. During the analysis, the general model of the prisoner’s dilemma, the initial game defining the problem under consideration, and its solutions in the form of an iterated game and metagame are presented. The entire discussion concludes with a summary. The analyses indicate the following advantages of the application of game theory models to the study of national security: 1) game theory models significantly simplify the analysed interactions, thus, allowing to penetrate the processes, bringing out features and relations which have hitherto escaped researchers; 2) the application of game theory models does not require researchers to be familiar with complex mathematical formalisms; 3) game theory models enable the identification of social dilemmas, i.e. situations where the short-term interests of an individual are at odds with the long-term interests of society

Developing a usable security approach for user awareness against ransomware

This thesis was submitted for the award of Doctor of Philosophy and was awarded by Brunel University LondonThe main purpose of the research presented in this thesis is to design and develop a game prototype for improving user awareness against ransomware, which has been reported as the most significant cyber security threat to the United Kingdom by the National Cyber Security Centre. Digital transformation is helping individuals, organisations, governments and Industrial control systems to modernise and improve their effectiveness. At the same time, cyber crimes are evolving and targeting essential services. A successful cyber attack can compromise users’ privacy, bring bad publicity and financial damage to organisations and target national security. A literature review was conducted to understand threats to the cyber social system. Literature in this thesis reports attackers exploit humans as the weakest link to execute successful security breaches. Therefore to address this challenge, a significant gap has been identified as an opportunity to contribute to user awareness of the ransomware cyber security threat. The current thesis proposes RansomAware a novel game prototype to improve user awareness. The game is based on Technology Threat Avoidance Theory (TTAT) model. In this thesis two studies are carried out, study 1 empirically validates the elements of TTAT to be embedded in the RansomAware prototype and reports a significant change in users’ motivation to avoid ransomware cyber security threat 55% and avoidance behaviour 29%, whereas study 2 evaluates game usability and report significant results of SUS average score of 87.58 and statistical results of p < 0.01 indicate user’s satisfaction of the RansomAware. Finally, the research provides guidelines on how the proposed RansomAware game can be adopted by practitioners and individuals to improve their awareness against the ransomware cyber security threat

Trees with an On-Line Degree Ramsey Number of Four

On-line Ramsey theory studies a graph-building game between two players. The player called Builder builds edges one at a time, and the player called Painter paints each new edge red or blue after it is built. The graph constructed is called the background graph. Builder's goal is to cause the background graph to contain a monochromatic copy of a given goal graph, and Painter's goal is to prevent this. In the S[subscript k]-game variant of the typical game, the background graph is constrained to have maximum degree no greater than k. The on-line degree Ramsey number [˚over R][subscript Δ](G) of a graph G is the minimum k such that Builder wins an S[subscript k]-game in which G is the goal graph. Butterfield et al. previously determined all graphs G satisfying [˚ over R][subscript Δ](G)≤3. We provide a complete classification of trees T satisfying [˚ over R][subscript Δ](T)=4.National Science Foundation (U.S.) (Grant DMS-0754106)United States. National Security Agency (Grant H98230-06-1-0013

Optimal IS Security Investment: Cyber Terrorism vs. Common Hacking

Proper investment in information systems security can protect national critical information systems. This research compares the optimal investment decision for organizations to protect themselves from common hackers and from cyber terrorists. A two-stage stochastic game model is proposed to model cyber terrorism activities as well as common hacking activities. The results of our specific simulation indicate that an optimal investment exists for games such as cyber crimes, and that the potential maximum loss to organizations from cyber terrorism is about fifty times more than from common hackers. This research can also be generalized to other practical fields such as financial fraud prevention. To the best of our knowledge, our approach is a novel approach that combines economic theory, deterrence theory, and IS security to explore the cyber terrorism problem

Computable Rationality, NUTS, and the Nuclear Leviathan

This paper explores how the Leviathan that projects power through nuclear arms exercises a unique nuclearized sovereignty. In the case of nuclear superpowers, this sovereignty extends to wielding the power to destroy human civilization as we know it across the globe. Nuclearized sovereignty depends on a hybrid form of power encompassing human decision-makers in a hierarchical chain of command, and all of the technical and computerized functions necessary to maintain command and control at every moment of the sovereign's existence: this sovereign power cannot sleep. This article analyzes how the form of rationality that informs this hybrid exercise of power historically developed to be computable. By definition, computable rationality must be able to function without any intelligible grasp of the context or the comprehensive significance of decision-making outcomes. Thus, maintaining nuclearized sovereignty necessarily must be able to execute momentous life and death decisions without the type of sentience we usually associate with ethical individual and collective decisions

Model of cybersecurity means financing with the procedure of additional data obtaining by the protection side

The article describes the model of cybersecurity means financing strategies of the information object with incomplete information about the financial resources of the attacking side. The proposed model is the core of the module of the developed decision support system in the problems of choosing rational investing variants for information protection and cybersecurity of various information objects. The model allows to find financial solutions using the tools of the theory of multistep games with several terminal surfaces. The authors proposed an approach that allows information security management to make a preliminary assessment of strategies for financing the effective cybersecurity systems. The model is distinguished by the assumption that the protection side does not have complete information, both about the financing strategies of the attacking side, and about its financial resources state aimed at overcoming cybersecurity lines of the information object. At the same time, the protection side has the opportunity to obtain additional information by the part of its financial resources. This makes it possible for the protection side to obtain a positive result for itself in the case when it can not be received without this procedure. The solution was found using a mathematical apparatus of a nonlinear multistep quality game with several terminal surfaces with alternate moves. In order to verify the adequacy of the model there was implemented a multivariate computational experiment. The results of this experiment are described in the article. © 2005 - ongoing JATIT & LL

Bad Data Injection Attack and Defense in Electricity Market using Game Theory Study

Applications of cyber technologies improve the quality of monitoring and decision making in smart grid. These cyber technologies are vulnerable to malicious attacks, and compromising them can have serious technical and economical problems. This paper specifies the effect of compromising each measurement on the price of electricity, so that the attacker is able to change the prices in the desired direction (increasing or decreasing). Attacking and defending all measurements are impossible for the attacker and defender, respectively. This situation is modeled as a zero sum game between the attacker and defender. The game defines the proportion of times that the attacker and defender like to attack and defend different measurements, respectively. From the simulation results based on the PJM 5 Bus test system, we can show the effectiveness and properties of the studied game.Comment: To appear in IEEE Transactions on Smart Grid, Special Issue on Cyber, Physical, and System Security for Smart Gri