Download Now Free registration required
This paper presents a game theoretic and learning approach to security risk management based on a model that captures the diffusion of risk in an organization with multiple technical and business processes. Of particular interest is the way the interdependencies between processes affect the evolution of the organization's risk profile as time progresses, which is first developed as a probabilistic risk framework and then studied within a discrete Markov model. Using zero-sum dynamic Markov games, the authors analyze the interaction between a malicious adversary whose actions increases the risk level of the organization and a defender agent, e.g., security and risk management division of the organization, which aims to mitigate risks.
- Format: PDF
- Size: 293.9 KB