The Australasian Information Security Conference (AISC) 2013

There has been a growing interest in decision and game theoretic approaches to networked system security as evidenced by the increasing number of publications and conferences such as "Conference on Decision and Game Theory for Security (GameSec)." This presentation aims to give an overview on security games and their applications to network and critical infrastructure security based on the recent book "Network Security: A Decision and Game Theoretic Approach." The decision theoretic approach encompasses optimisation, control, and game theory to address resource allocation problems in security contexts. Security games model the interaction between malicious attackers and networked defence systems within a quantitative framework for both analysis and design. Communication constraints, learning schemes, and information limitations play significant roles in this problem domain. The concepts presented will be illustrated with applications of security games to electrical power grid as an example critical infrastructure.