Applications of group testing to security decision-making in networks

This paper presents a group testing approach toward a security decision-making problem. We consider a game model for a network of firms where each firm decides to invest some amount, viewed as its action, on its security. The utility functions are then defined in such a way to capture the interdependent structure of the network. We propose and analyze two algorithms for the firms to update their investments based on incomplete information they receive at any given stage of the game. This so-called incomplete information, which is provided by an independent entity, is the outcome of a (security) test performed on a selected group of firms rather than a single firm due to privacy concerns. Our arguments finally lead to a number of fundamental group testing problems which are inherently different from the classical group testing problem and its alternative versions.

[1]  Nicholas Bambos,et al.  Security Decision-Making among Interdependent Organizations , 2008, 2008 21st IEEE Computer Security Foundations Symposium.

[2]  Aron Laszka,et al.  A Survey of Interdependent Security Games Working paper , 2012 .

[3]  Yann Bramoullé,et al.  Public goods in networks , 2007, J. Econ. Theory.

[4]  H. Kunreuther,et al.  Interdependent Security , 2003 .

[5]  Nicolas Christin,et al.  The Price of Uncertainty in Security Games , 2009, WEIS.

[6]  Lawrence A. Gordon,et al.  The economics of information security investment , 2002, TSEC.

[7]  Éva Tardos,et al.  Network games , 2004, STOC '04.

[8]  H. Varian,et al.  On the private provision of public goods , 1986 .

[9]  Pan Hui,et al.  Modeling Internet Security Investments: Tackling Topological Information Uncertainty , 2011, GameSec.

[10]  George Atia,et al.  Noisy group testing: An information theoretic perspective , 2009, 2009 47th Annual Allerton Conference on Communication, Control, and Computing (Allerton).

[11]  Matthew Aldridge,et al.  Group Testing Algorithms: Bounds and Simulations , 2013, IEEE Transactions on Information Theory.

[12]  Peter Damaschke Threshold Group Testing , 2005, Electron. Notes Discret. Math..

[13]  Olgica Milenkovic,et al.  Semiquantitative Group Testing , 2014, IEEE Transactions on Information Theory.

[14]  Leeat Yariv,et al.  Network Games , 2007 .

[15]  Tamer Basar,et al.  Group Testing Game , 2017 .

[16]  Zhengyuan Zhou,et al.  A game-theoretical formulation of influence networks , 2016, 2016 American Control Conference (ACC).

[17]  Morteza Zadimoghaddam,et al.  Sequential group testing with graph constraints , 2012, 2012 IEEE Information Theory Workshop.

[18]  R. Dorfman The Detection of Defective Members of Large Populations , 1943 .

[19]  Matthew Elliott,et al.  A network approach to public goods , 2013, EC.