Logo
ScienceStack
Table of Contents
Fetching ...
Sign In

A Quantal Response Analysis of Defender-Attacker Sequential Security Games

Md Reya Shad Azim, Mustafa Abdallah

TL;DR

This work extends defender-attacker security games by incorporating bounded rationality through a quantal response equilibrium (QRE). It proves existence of a QRE in a two-site sequential security model and analyzes how the defender’s quantal bias (parameter $\lambda_d$) and site losses (parameter $A$) shape optimal investments, while introducing the Price of Quantal Anarchy (PoQA) to measure inefficiency relative to fully rational play. The authors present analytical results on how $\lambda_d$ and $A$ influence the defender’s likelihood of selecting the best investment and bound PoQA, complemented by numerical simulations that illustrate these effects under various loss configurations. The findings have practical implications for security planning under bounded rationality and motivate extensions to richer networks and attacker behaviors.

Abstract

We explore a scenario involving two sites and a sequential game between a defender and an attacker, where the defender is responsible for securing the sites while the attacker aims to attack them. Each site holds a loss value for the defender when compromised, along with a probability of successful attack. The defender can reduce these probabilities through security investments at each site. The attacker's objective is to target the site that maximizes the expected loss for the defender, taking into account the defender's security investments. While previous studies have examined security investments in such scenarios, our work investigates the impact of bounded rationality exhibited by the defender, as identified in behavioral economics. Specifically, we consider quantal behavioral bias, where humans make errors in selecting efficient (pure) strategies. We demonstrate the existence of a quantal response equilibrium in our sequential game and analyze how this bias affects the defender's choice of optimal security investments. Additionally, we quantify the inefficiency of equilibrium investments under quantal decision-making compared to an optimal solution devoid of behavioral biases. We provide numerical simulations to validate our main findings.

A Quantal Response Analysis of Defender-Attacker Sequential Security Games

TL;DR

This work extends defender-attacker security games by incorporating bounded rationality through a quantal response equilibrium (QRE). It proves existence of a QRE in a two-site sequential security model and analyzes how the defender’s quantal bias (parameter ) and site losses (parameter ) shape optimal investments, while introducing the Price of Quantal Anarchy (PoQA) to measure inefficiency relative to fully rational play. The authors present analytical results on how and influence the defender’s likelihood of selecting the best investment and bound PoQA, complemented by numerical simulations that illustrate these effects under various loss configurations. The findings have practical implications for security planning under bounded rationality and motivate extensions to richer networks and attacker behaviors.

Abstract

We explore a scenario involving two sites and a sequential game between a defender and an attacker, where the defender is responsible for securing the sites while the attacker aims to attack them. Each site holds a loss value for the defender when compromised, along with a probability of successful attack. The defender can reduce these probabilities through security investments at each site. The attacker's objective is to target the site that maximizes the expected loss for the defender, taking into account the defender's security investments. While previous studies have examined security investments in such scenarios, our work investigates the impact of bounded rationality exhibited by the defender, as identified in behavioral economics. Specifically, we consider quantal behavioral bias, where humans make errors in selecting efficient (pure) strategies. We demonstrate the existence of a quantal response equilibrium in our sequential game and analyze how this bias affects the defender's choice of optimal security investments. Additionally, we quantify the inefficiency of equilibrium investments under quantal decision-making compared to an optimal solution devoid of behavioral biases. We provide numerical simulations to validate our main findings.
Paper Structure (18 sections, 6 theorems, 31 equations, 5 figures, 1 table)

This paper contains 18 sections, 6 theorems, 31 equations, 5 figures, 1 table.

Table of Contents

  1. Introduction
  2. The Defender-Attacker Sequential Game
  3. Defender-Attacker Sequential Game Setup
  4. Uniqueness of defender’s optimal investment strategy
  5. Quantal Response Equilibrium
  6. Quantal Response Modeling
  7. Existence of a QRE
  8. Main Properties of QRE
  9. Effect of Behavioral Level $\lambda$
  10. Effect of Loss on QRE
  11. Measuring Inefficiency of QRE: The Price of Quantal Response
  12. Bounds on the PoQA
  13. Numerical Simulations
  14. Experimental Setup
  15. Effect of Behavioral Level (Quantal Bias Parameter)
  16. ...and 3 more sections

Key Result

Proposition 1

The defender's optimal allocation to site $1$ to minimize $L(\mathbf{r})$ in eq: Non_Behavioral_defender_expected_loss is unique, and denoted by $r^*$.

Figures (5)

  • Figure 1: A sequential game setup where the defender invests $r$ on site-1 and $R-r$ in site-2 (solid green arrows). The attacker attacks either site-1 or site-2 (dashed red arrows) after observing defender's investments on the two sites.
  • Figure 2: Illustration of the defender's optimal resource allocation that minimizes the maximum expected loss.
  • Figure 3: Effect of behavioral level $\lambda$ on the defender's QRE probability of choosing the optimal strategy. In this case, we use defense strategy space C where the loss $A=1$.
  • Figure 4: QRE probabilities of defender's optimal strategy under different losses and strategy spaces. Left and right subplots use defense strategy spaces A and B, respectively.
  • Figure 5: The inefficiency (PoQA) of behavioral defender with different behavioral levels and different losses. We show the $\log (PoQA)$ for better readability.

Theorems & Definitions (12)

  • Proposition 1
  • proof
  • Corollary 1
  • proof
  • Proposition 2
  • proof
  • Proposition 3
  • proof
  • Proposition 4
  • proof
  • ...and 2 more