学术文献库

In this paper, we propose a game-theoretical framework to investigate advanced persistent threat problems with two types of insider threats: malicious and inadvertent. Within this framework, a unified three-player game is established and Nash equilibria are obtained in response to different insiders. By analyzing Nash equilibria, we provide quantitative solutions to the advanced persistent threat problems with insider threats. Furthermore, optimal defense strategy and defender's cost comparisons between two insider threats have been performed. The findings suggest that the defender should employ more active defense strategies against inadvertent insider threats than against malicious insider threats, despite the fact that malicious insider threats cost the defender more. Our theoretical analysis is validated by numerical results, including an additional examination of the conditions of the risky strategies adopted by different insiders. This may help the defender in determining monitoring intensities and defensive strategies.