The modern computer and communication networks that firms rely on have become more complex because they are dynamic, distributed and heterogeneous; it is therefore increasingly important to characterize the interaction between a firm and a user in order to ensure information security. Recently, game-theory approaches have been widely employed to investigate this issue, including the optimal configuration of detection software. However, for both the firm and the user, a gap may persist between strategic decisions and actual actions, owing to irrationality and to the error-prone nature of the devices that carry their commands. This paper analyzes the effects of such decision errors on the optimal strategies of the firm and the user and, in particular, on the optimal configuration of the detection software. We demonstrate that decision errors can give rise to several pure equilibrium strategies and that fine-tuning the configuration quickly becomes difficult. Furthermore, we find that decision errors can drastically change both the optimal configuration and the expected costs of a firm.
An increase in electronic collaboration between organizations and economic entities has led to sophisticated computer and communication networks. Cyber-attacks frequently take advantage of the propagation of vulnerabilities across these networks. Consequently, information security has become a crucial and challenging issue. Detection software (i.e., an intrusion detection system, IDS) can raise the security level of a firm by monitoring events in network systems, analyzing security problems and alerting security experts [1]. Because the IDS is imperfect, there exists a false-negative probability that the IDS classifies a fraudulent transaction as normal and a false-positive probability that the IDS classifies a normal transaction as fraudulent. Consequently, further measures, such as manual investigation of flagged transactions, are typically undertaken to detect fraudulent transactions more efficiently [8], [9] and [10].
Earlier contributions to information security mainly involved security schemes and technological principles. As information systems have developed, these traditional solutions can no longer guarantee a completely secure environment. The economics of information security has grown rapidly in recent years, emphasizing how security problems can be addressed from the perspective of economic and management theories. Within information security economics, game theory has become a key research approach. For example, Refs. [8], [9] and [10] give a game-theoretic analysis of the optimal configuration of security devices, whereas Refs. [12], [14] and [15] provide a game framework for discussing investment in information security. Many further applications of game theory appear in the security literature [4], [5], [6], [7], [16], [17], [18], [19], [20], [21], [22], [23], [27], [28], [29] and [30].
This paper further discusses the optimal configuration of detection software in the presence of decision errors. Our work is closely related to the seminal study by Cavusoglu and Raghunathan [8], who compare decision-theoretic and game-theoretic approaches to the optimal strategies of firms and users, as well as to the optimal configuration of detection software. That study [8], as well as the subsequent research in [9] and [10], assumes that the strategic decisions of the firm and the user are fully consistent with their actual actions, i.e., that strategic decisions are always implemented accurately. In practice, however, decision errors may be unavoidable. Decision errors by the firm and the user arise from irrationality and from the error-prone channels that carry their commands [3] and [24]. In some scenarios the actual actions of the firm or the user deviate from their strategic decisions because they misjudge their preferences or act emotionally; in others, technical devices introduce errors when a decision reaches an imperfect implementation system. Zhuang [31] discusses the effect of agents' decision errors on the socially optimal investment in system security, and [3] and [24] analyze the decision errors of a firm and a user in the information security setting. Decision errors also feature in other theoretical analyses, such as expected profit [2] and static evaluation in selective game-tree search [11]. Besides decision errors, observation errors may occur because of bounded rationality, which causes players to observe the outcomes of their actions imperfectly [3], [22] and [24]. This paper excludes observation errors and focuses on decision errors. In the presence of decision errors, two important questions arise in information security. What are the optimal strategies of the firm and the user? What is the optimal configuration of the IDS?
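To make the two ingredients above concrete (an IDS with false-negative and false-positive probabilities followed by manual investigation, and decision errors that make realized actions deviate from intended ones), here is an added example that is not part of the paper and does not reproduce the paper's model or payoffs. It assumes a simple trembling-hand error model, in which each drawn action is flipped with a fixed probability, and all numerical parameter values (p_fn, p_fp, the user's attack probability q, the firm's investigation probability p, and the error rates e_u, e_f) are chosen for illustration only. It shows that a pure strategy such as "always investigate" behaves like a mixed strategy once decision errors are present, and how the outcome rates that a firm would feed into its cost calculation shift as a result.

```python
"""Outcome rates of an IDS plus manual investigation under decision errors.

Added illustration; not the paper's model. Assumed symbols:
  p_fn  P(IDS classifies an attack as normal)          (false negative)
  p_fp  P(IDS classifies a normal transaction as attack) (false positive)
  q     user's intended probability of attacking
  p     firm's intended probability of manually investigating a flagged transaction
  e_u, e_f  decision-error probabilities: each drawn action is flipped
            with this probability (trembling-hand assumption)
"""
from dataclasses import dataclass


def realized_probability(intended: float, error: float) -> float:
    """Probability that the realized action is 'act' when the intended mixed
    strategy plays 'act' with probability `intended` and the drawn action is
    flipped with probability `error`. With error > 0 a pure strategy
    (intended in {0, 1}) is realized as a mixed one."""
    if not (0.0 <= intended <= 1.0 and 0.0 <= error <= 1.0):
        raise ValueError("probabilities must lie in [0, 1]")
    return intended * (1.0 - error) + (1.0 - intended) * error


@dataclass(frozen=True)
class Outcomes:
    detected_attack: float        # attack, alarm raised, investigated
    missed_by_ids: float          # attack, no alarm (false negative)
    missed_by_firm: float         # attack, alarm raised, not investigated
    wasted_investigation: float   # normal transaction, alarm, investigated
    alarm_rate: float             # fraction of transactions that raise an alarm
    alarm_precision: float        # fraction of alarms that are real attacks


def outcome_rates(p_fn: float, p_fp: float, q: float, p: float,
                  e_u: float = 0.0, e_f: float = 0.0) -> Outcomes:
    """Per-transaction outcome probabilities given IDS error rates, the
    intended strategies q and p, and decision-error rates e_u and e_f."""
    q_hat = realized_probability(q, e_u)   # realized attack probability
    p_hat = realized_probability(p, e_f)   # realized investigation probability

    attack_alarm = q_hat * (1.0 - p_fn)    # attack that the IDS flags
    normal_alarm = (1.0 - q_hat) * p_fp    # normal transaction the IDS flags
    alarm_rate = attack_alarm + normal_alarm

    return Outcomes(
        detected_attack=attack_alarm * p_hat,
        missed_by_ids=q_hat * p_fn,
        missed_by_firm=attack_alarm * (1.0 - p_hat),
        wasted_investigation=normal_alarm * p_hat,
        alarm_rate=alarm_rate,
        alarm_precision=(attack_alarm / alarm_rate) if alarm_rate > 0 else 0.0,
    )


if __name__ == "__main__":
    # Assumed parameters: 10% false negatives, 5% false positives, 2% of
    # transactions are attacks, firm intends to investigate every alarm.
    base = outcome_rates(p_fn=0.1, p_fp=0.05, q=0.02, p=1.0)
    noisy = outcome_rates(p_fn=0.1, p_fp=0.05, q=0.02, p=1.0, e_f=0.1)
    for label, o in (("no decision errors", base), ("firm error 10%", noisy)):
        print(f"{label}: detected={o.detected_attack:.4f} "
              f"missed_by_firm={o.missed_by_firm:.4f} "
              f"wasted={o.wasted_investigation:.4f} "
              f"precision={o.alarm_precision:.3f}")
```

Even with no decision errors, the low attack base rate means that roughly three in four alarms are false positives at these parameters, which is why the manual-investigation step, and its cost, dominates the firm's expected cost. Once the firm's "always investigate" decision is perturbed by e_f, some flagged attacks slip through (missed_by_firm becomes positive), so the firm can no longer treat its chosen pure strategy as if it were executed exactly.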
In this paper, we answer these two questions by developing a game-theoretic framework for the interaction between the firm and the user that incorporates decision errors, and by analyzing the impact of decision errors on the equilibrium strategies and on the optimal configuration of the IDS. The paper proceeds as follows: Section 2 presents a game model of the interaction between the firm and the user. Section 3 derives the equilibrium strategies and the optimal configuration. Section 4 concludes the paper.
Decision errors should not be neglected in practice. In this paper, we have investigated the effect of decision errors on the optimal strategies and the optimal configuration by developing a game-theoretic framework for the interaction between the firm and the user. We find that several pure optimal strategies emerge and that the configuration of detection software becomes complex in the presence of decision errors. We have also discussed the effect of decision errors on the optimal configuration and on the firm's expected costs.
This paper assumes that both the firm and the user have complete knowledge of the decision errors. An interesting but challenging open issue is the configuration of detection software when the firm and the user have only imperfect information about decision errors. Furthermore, if the user is assumed to adjust its strategy continuously according to some evolutionary dynamics [13], the configuration of detection software could be studied by dynamic optimization.