Skip to main content

Advertisement

SpringerLink
Log in
Menu
Find a journal Publish with us
Search
Cart
Book cover

International Conference on Research in Networking

NETWORKING 2012: NETWORKING 2012 pp 172–183Cite as

  1. Home
  2. NETWORKING 2012
  3. Conference paper
Security Adoption in Heterogeneous Networks: the Influence of Cyber-Insurance Market

Security Adoption in Heterogeneous Networks: the Influence of Cyber-Insurance Market

  • Zichao Yang20 &
  • John C. S. Lui20 
  • Conference paper
  • 1117 Accesses

  • 4 Citations

Part of the Lecture Notes in Computer Science book series (LNCCN,volume 7290)

Abstract

Hosts (or nodes) in the Internet often face epidemic risks such as virus and worms attack. Despite the awareness of these risks and the availability of anti-virus software, investment in security protection is still scare, and hence epidemic risk is still prevalent. Deciding whether to invest in security protection is an interdependent process: security investment decision made by one node can affect the security risk of others, and therefore affect their decisions also. The first contribution of this paper is to provide a fundamental understanding on how “network externality” effect with “nodes heterogeneity” may affect security adoption. We characterize it as a Bayesian network game in which nodes only have the local information, e.g., the number of neighbors, as well as minimum common information, e.g., degree distribution of the network. Our second contribution is in analyzing a new form of risk management called cyber-insurance. We investigate how the presence of competitive insurance market can affect the security adoption.

Keywords

  • heterogeneous network
  • security adoption
  • cyber-insurance
  • Bayesian network game

Download conference paper PDF

References

  1. Aldous, D., Bandyopadhyay, A.: Survey of max-type recursive distributional equations. The Annals of Applied Prob. 15(2), 1047–1110 (2005)

    CrossRef  MathSciNet  MATH  Google Scholar 

  2. Anderson, R.: Why information security is hard-an economic perspective. In: IEEE Computer Security Applications Conference 2001, pp. 358–365 (2001)

    Google Scholar 

  3. Anderson, R., Moore, T.: The economics of information security. Science 314(5799), 610 (2006)

    CrossRef  Google Scholar 

  4. Böhme, R., Schwartz, G.: Modeling cyber-insurance: Towards a unifying framework. In: Workshop on the Economics of Information Security. Harvard University, Cambridge (2010)

    Google Scholar 

  5. Bu, T., Towsley, D.: On distinguishing between internet power law topology generators. In: INFOCOM, pp. 638–647. IEEE (2002)

    Google Scholar 

  6. Easley, D., Kleinberg, J.: Networks, crowds, and markets: Reasoning about a highly connected world. Cambridge Univ. Pr. (2010)

    Google Scholar 

  7. Ehrlich, I., Becker, G.S.: Market insurance, self-insurance, and self-protection. The Journal of Political Economy 80(4), 623–648 (1972)

    CrossRef  Google Scholar 

  8. Faloutsos, M., Faloutsos, P., Faloutsos, C.: On power-law relationships of the internet topology. In: ACM SIGCOMM, pp. 251–262 (1999)

    Google Scholar 

  9. Grossklags, J., Christin, N., Chuang, J.: Secure or insecure? a game-theoretic analysis of information security games. In: WWW 2008 (2008)

    Google Scholar 

  10. Heal, G., Kunreuther, H.: The vaccination game. Center for Risk Management and Decision Process Working Paper (2005)

    Google Scholar 

  11. Hillier, B.: The economics of asymmetric information. Palgrave Macmillan (1997)

    Google Scholar 

  12. Jiang, L., Anantharam, V., Walrand, J.: Efficiency of selfish investments in network security. In: Proc. of the 3rd International Workshop on Economics of Networked Systems, pp. 31–36. ACM (2008)

    Google Scholar 

  13. Kesan, J., Majuca, R., Yurcik, W.: Cyberinsurance as a market-based solution to the problem of cybersecurity: a case study. In: Proc. WEIS. Citeseer (2005)

    Google Scholar 

  14. Kunreuther, H., Heal, G.: Interdependent security. Journal of Risk and Uncertainty 26(2), 231–249 (2003)

    CrossRef  MATH  Google Scholar 

  15. Lelarge, M., Bolot, J.: A local mean field analysis of security investments in networks. In: Proc. of the 3rd International Workshop on Economics of Networked Systems, pp. 25–30. ACM (2008)

    Google Scholar 

  16. Lelarge, M., Bolot, J.: Network externalities and the deployment of security features and protocols in the internet. In: ACM SIGMETRICS (2008)

    Google Scholar 

  17. Lelarge, M., Bolot, J.: Economic incentives to increase security in the internet: The case for insurance. In: INFOCOM, pp. 1494–1502 (2009)

    Google Scholar 

  18. Medvinsky, G., Lai, C., Neuman, B.: Endorsements, licensing, and insurance for distributed system services. In: Proceedings of the 2nd ACM Conference on Computer and Communications Security, pp. 170–175. ACM (1994)

    Google Scholar 

  19. Melnik, S., Hackett, A., Porter, M.A., Mucha, P.J., Gleeson, J.P.: The unreasonable effectiveness of tree-based theory for networks with clustering. Physical Review E 83(3), 036112 (2011)

    CrossRef  MathSciNet  Google Scholar 

  20. Miura-Ko, R., Yolken, B., Bambos, N., Mitchell, J.: Security investment games of interdependent organizations. In: 2008 46th Annual Allerton Conference on Communication, Control, and Computing, pp. 252–260. IEEE (2008)

    Google Scholar 

  21. Moore, D., Shannon, C., et al.: Code-red: a case study on the spread and victims of an internet worm. In: Proceedings of the 2nd ACM SIGCOMM Workshop on Internet Measurment, pp. 273–284. ACM (2002)

    Google Scholar 

  22. Newman, M.: Networks: an introduction. Oxford Univ. Pr. (2010)

    Google Scholar 

  23. Nisan, N.: Algorithmic game theory. Cambridge Univ. Pr. (2007)

    Google Scholar 

  24. Omic, J., Orda, A., Van Mieghem, P.: Protecting against network infections: A game theoretic perspective. In: INFOCOM 2009. IEEE (2009)

    Google Scholar 

  25. Shavell, S.: On moral hazard and insurance. The Quarterly Journal of Economics 93(4), 541 (1979)

    CrossRef  Google Scholar 

  26. Shetty, N., Schwartz, G., Felegyhazi, M., Walrand, J.: Competitive cyber-insurance and internet security. Economics of Information Security and Privacy, 229–247 (2010)

    Google Scholar 

  27. Yang, Z., Lui, J.: Security adoption in heterogeneous networks: the influence of cyber-insurance market (2011), http://www.cse.cuhk.edu.hk/%7ecslui/TR1.pdf

  28. Yang, Z., Lui, J.: Investigating the effect of node heterogeneity and network externality on security adoption. In: Thirteenth ACM Sigmetrics Workshop on Mathematical Performance Modeling and Analysis, MAMA (June 2011)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. The Chinese University of Hong Kong, Hong Kong

    Zichao Yang & John C. S. Lui

Authors
  1. Zichao Yang
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. John C. S. Lui
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Department of Telecommunications Engineering, Czech Technical University in Prague, Technicka 2, 166 27, Prague 6, Czech Republic

    Robert Bestak & Lukas Kencl & 

  2. Bell Labs, Alcatel-Lucent, 600 Mountain Avenue, 07974-0636, Murray Hill, NJ, USA

    Li Erran Li

  3. Instituto IMDEA Networks, Avenida del Mar Mediterraneo 22, 28918, Leganes (Madrid), Spain

    Joerg Widmer

  4. Tsinghua-ChinaCache Joint Laboratory, Tsinghua University, FIT 3-429, Haidian District, 100016, Beijing, China

    Hao Yin

Rights and permissions

Reprints and Permissions

Copyright information

© 2012 IFIP International Federation for Information Processing

About this paper

Cite this paper

Yang, Z., Lui, J.C.S. (2012). Security Adoption in Heterogeneous Networks: the Influence of Cyber-Insurance Market. In: Bestak, R., Kencl, L., Li, L.E., Widmer, J., Yin, H. (eds) NETWORKING 2012. NETWORKING 2012. Lecture Notes in Computer Science, vol 7290. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-30054-7_14

Download citation

  • .RIS
  • .ENW
  • .BIB
  • DOI: https://doi.org/10.1007/978-3-642-30054-7_14

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-30053-0

  • Online ISBN: 978-3-642-30054-7

  • eBook Packages: Computer ScienceComputer Science (R0)

Share this paper

Anyone you share the following link with will be able to read this content:

Sorry, a shareable link is not currently available for this article.

Provided by the Springer Nature SharedIt content-sharing initiative

Search

Navigation

  • Find a journal
  • Publish with us

Discover content

  • Journals A-Z
  • Books A-Z

Publish with us

  • Publish your research
  • Open access publishing

Products and services

  • Our products
  • Librarians
  • Societies
  • Partners and advertisers

Our imprints

  • Springer
  • Nature Portfolio
  • BMC
  • Palgrave Macmillan
  • Apress
  • Your US state privacy rights
  • Accessibility statement
  • Terms and conditions
  • Privacy policy
  • Help and support

167.114.118.210

Not affiliated

Springer Nature

© 2023 Springer Nature