JISE

    In this paper, we propose an evolutionary game model to analyze the investment decision making process in the cyber offender-defender interaction and provide a quantified approach for defender to calculate the safety threshold to avoid the occurrence of offender- leading game. Then we use simulation as a workbench to discuss the adjustment of each parameter to the security investment threshold. Our evolutionary game model shows that the cyber offender-defender game can possibly reach one realistic stable point after a long-term evolution, which implicates a tied offender-defender game. We found that an offender-leading game can be avoided by maintaining the security investment above a safety threshold level determined by the system vulnerability among other environmental parameters such as residual risk and potential loss. Hence with an optimal level of security investment, the defender can lead the game effectively to discourage attacking attempts. Both linear and nonlinear simulations share similar trends and our evolutionary game theoretic analysis remains valid in either case.