Multi-dimensional Network Security Game: How do attacker and defender battle on parallel targets?

In this paper, we consider a new network security game wherein an attacker and a defender are battling over "multiple" targets. This type of game is appropriate to model many current network security conflicts such as Internet phishing, mobile malware or network intrusions. In such attacks, the attacker and the defender need to decide how to allocate resources on each target so as to maximize his utility within his resource limit. We model such a multi-dimensional network security game as a constrained non-zero sum game. Two security breaching models, the product-form and the proportion-form, are considered. For each breaching model, we prove the existence of a unique Nash equilibrium (NE) based on Rosen's theorem and propose efficient algorithms to find the NE when the games are strictly concave. Furthermore, we show the existence of multiple NEs in the product-form breaching model when the strict concavity does not hold. Our study sheds light on the strategic behaviors of the attacker and the defender, in particular, on how they allocate resources to the targets which have different weights, and how their utilities as well as strategies are influenced by the resource constraints.