Spear-phishing attacks pose a serious threat to sensitive computer systems, since they sidestep technical security mechanisms by exploiting the carelessness of authorized users. A common way mitigate such is use e-mail filters which block e-mails with maliciousness score above chosen threshold. Optimal choice threshold involves tradeoff between risk from delivered malicious emails and cost blocking benign traffic. further complicating factor strategic nature an attacker, who may selectively target users offering best value in terms likelihood success resulting access privileges. Previous work on threshold-selection considered single organization choosing thresholds for all In reality, many organizations are potential targets attacks, their incentives need not be well aligned. We therefore consider problem collection independent self-interested characterize both Stackelberg multi-defender equilibria, corresponding short-term dynamics, as Nash equilibria simultaneous game modeling long-term exhibit polynomial-time algorithm computing (Stackelberg) equilibria. find that while equilibrium exist, always exists, remarkably, unique socially optimal.

Load

Load