
2020 | OriginalPaper | Book chapter

7. Insurance

Written by: Stefan Rass, Stefan Schauer, Sandra König, Quanyan Zhu

Published in: Cyber-Security in Critical Infrastructures

Publisher: Springer International Publishing


Abstract

Cyber insurance provides users with a valuable additional layer of protection by transferring cyber data risks to third parties. An incentive-compatible cyber insurance policy can reduce the number of successful cyber-attacks by incentivizing the adoption of preventative measures in return for more coverage and the implementation of best practices by pricing premiums based on an insured level of self-protection. This chapter introduces a bi-level game-theoretic model that nests a zero-sum game in a moral-hazard type of principal-agent game to capture complex interactions between a user, an attacker, and the insurer. The game framework provides an integrative view of cyber insurance and enables a systematic design of incentive-compatible and attack-aware insurance policies. The chapter also introduces a new metric, the disappointment rate, which measures the difference between the actual damage and the expected damage.

Metadata
Title
Insurance
Written by
Stefan Rass
Stefan Schauer
Sandra König
Quanyan Zhu
Copyright year
2020
DOI
https://doi.org/10.1007/978-3-030-46908-5_7
