Abstract
We model the behavioral biases of human decision-making in securing interdependent systems and show that such behavioral decision-making leads to a suboptimal pattern of resource allocation compared to non-behavioral(rational)decision-making. We provide empirical evidence for the existence of such behavioral bias model through a controlled subject study with 145 participants. We then propose three learning techniques for enhancing decision-making in multi-round setups. We illustrate the benefits of our decision-making model through multiple interdependent real-world systems and quantify the level of gain compared to the case in which the defenders are behavioral. We also show the benefit of our learning techniques against different attack models. We identify the effects of different system parameters (e.g., the defenders’ security budget availability and distribution, the degree of interdependency among defenders, and collaborative defense strategies) on the degree of suboptimality of security outcomes due to behavioral decision-making.
| Original language | English |
|---|---|
| DOIs | |
| Publication status | Published - 11 Jun 2021 |
| Event | ASIA CCS '21: ACM Asia Conference on Computer and Communications Security - , Hong Kong Duration: 7 Jun 2021 → 11 Jun 2021 |
Conference
| Conference | ASIA CCS '21: ACM Asia Conference on Computer and Communications Security |
|---|---|
| Country/Territory | Hong Kong |
| Period | 7/06/21 → 11/06/21 |