journal article Open Access Sep 26, 2018

Sustainability of Information Security Investment in Online Social Networks: An Evolutionary Game-Theoretic Approach

Mathematics Vol. 6 No. 10 pp. 177 · MDPI AG
DOI: 10.3390/math6100177
Abstract
With the rapid development of information technologies, security violations in online social networks (OSN) have emerged as a critical issue. Traditional technical and organizational approaches do not consider economic factors, which are increasingly important to sustain information security investment. In this paper, we develop an evolutionary game model to study the sustainability of information security investment in OSN, and propose a quantitative approach to analyze and optimize security investment. Additionally, we examine a contract with an incentive mechanism to eliminate free riding, which helps sustain the security investment. Numerical examples are provided for illustration and simulation purposes, leading to several countermeasures and suggestions. Our analytical results show that the optimal strategy of information security investment not only is correlated with profit growth coefficients and investment costs, but is also influenced significantly by the profits from free riding. If the profit growth coefficients are prohibitively small, both OSN service providers and online platforms will not choose to sustain investment based on small profits. As profit growth coefficients increase, there is a higher probability that game players will invest. Another major finding is that the (Invest, Invest) profile is much less sensitive to the change of profit growth coefficients and the convergent speed of this scenario is faster than the other profiles. The government agency can use the proposed model to determine a proper incentive or penalty to help both parties reach the optimal strategies and thus improve OSN security.
Metrics
Citations: 13
References: 38
Details
Published: Sep 26, 2018
Vol/Issue: 6(10)
Pages: 177
Funding
National Natural Science Foundation of China Award: 71503133
National Social Science Foundation of China Award: 16ZDA054
Cite This Article
Guang Zhu, Hu Liu, Mining Feng (2018). Sustainability of Information Security Investment in Online Social Networks: An Evolutionary Game-Theoretic Approach. Mathematics, 6(10), 177. https://doi.org/10.3390/math6100177