"Many advanced technical tools are available to prevent attacks on national infrastructure. Nevertheless, while traditional analyses of security problems have succeeded in producing good technical solutions, they have often ignored the human factor integral to these problems. Human attackers (who may be individuals or state-level attackers) expend substantial effort to breach security because they have the incentive for doing so. People involved in implementing security follow individual incentives, which need not align with global security concerns; consequently, desired security solutions are often implemented poorly, or not at all. This complex interplay between individual incentives and global (organizational and/or national) goals can be modeled and analyzed using game theoretic techniques. By analyzing not only what is possible, but also what is motivated, a holistic approach to security problems can be developed, informing policy and providing tools to policy makers. We study game theoretic models that unify several current incentive-based approaches to security, and develop simulation-based and mathematical optimization methods for analyzing such models that exploit the high-performance computing capabilities at Sandia."
Office of Scientific and Technical Information, Department of Energy: http://www.osti.gov/