The invention proposes a game-theoretic recommendation system, method and computer program for recommending a defense strategy, security alert dissemination and/or evaluation in a network subject to malicious attacks. While the number of security vulnerabilities on networked systems is rapidly increasing, the time and resources allocated to counter potential attacks remain limited. The proposed system, method and computer program can support its users, e.g. system administrators, by recommending optimized resource allocation strategies tailored to their specific networks. Hence, it can both formalize and improve security vulnerability dissemination and evaluation processes. The resource allocation strategy is obtained by solving a security game between potential attackers and defenders, which takes vulnerabilities and local preferences as input parameters. In preferred embodiments, zero-sum and fuzzy security game methods are formulated. Results indicate that the game-theoretic formulation exhibits a certain degree of robustness with respect to input parameters. This is desirable considering that both users and experts may express their preferences and vulnerability levels with limited precision. The invention can be implemented as a platform-independent web application for increased flexibility.