Vision and Fusion Laboratory (IES)

Game theoretic methods for information security

Project Description

Whether a system is secure or is not secure does always depend on the capabilities of the attacker. An attacker will always attack the weakest spot of a system, according to what is perceived to be the weakest spot by the attacker. So if one wants to develop secure software, one has to hire the very best security architect, few good programmers, as their worst effort will introduce the weakest spot. Then hire as many testers as you can, as their improvement is the sum of all of their efforts.

Another important point is the economics of the attackers. If a large enough fraction of car owners would install an stolen car recovery system, then the stolen car economy completely breaches down, improving general wealth fare for every car owner. The tool for analysis of this kind of problems is game theory and its applications to economics. As solving games is intrinsically hard (in fact almost always NP-hard) we are also looking into machine learning approximation methods. Another important factor are real world data and their interpretation,so statistical data analysis also plays an important role.