Add to collection(s) Add to saved
  1. No category
Uploaded by Varun Chandra

Chandra Spring 2022

advertisement 
Game Theory and its Applications
to Infrastructure Security: A
Bibliometric Analysis
By
Varun Chandra
Barrett, the Honors College
Thesis Director
Petar Jevtic
Committee Member
Melanie Gall
Table of Contents
1. Introduction………………………………………………………………………………..1
1.1.
Context and Motivation…...………………………………………………1
1.2.
Research Questions………………………………………………………..3
1.3.
Research Overview and Tools Used………………………………………3
2. Methodology………………………………………………………………………………4
2.1.
Data………………………………………………………………………..4
2.2.
Bibliometric Analysis…….……………………………………………….7
2.3.
Publication Trends………………..……………………………………….8
3. Results and Significance of Findings.…………………………………………………….9
3.1.
Authors Most Similar in Subject Matter.....……………………………….9
3.2.
Most Co-Cited Sources…………………………………………………..14
3.3.
Most Cited Sources………………………………………………………17
3.4.
Publication Trends……………………………………………………….20
4. Conclusion and Considerations for Future Research…………………………………….24
5. References………………………………………………………………………………..25
1
1. Introduction
1.1.
Context and Motivation
Game theory is the study of mathematical models and simulations that often play out like
a game, hence the name. In each game, there are so-called “players.” With regards to
infrastructure security (i.e., securing natural gas pipelines, power plants, roads, airport runways,
water mains, etc.), there are two sets of players: the attackers (or terrorists) and the defenders
(Bier and Tas, 2012). The attackers wish to harm or destroy the infrastructure whereas the
defenders hope to protect it from such attacks.
Mathematicians who are interested in infrastructure security classify game-theoretic
models into five categories: simultaneous attacker-defender (AD) games, sequential DA games,
sequential AD games, sequential DAD games, and simultaneous DD games (Bier and Tas,
2012). Simultaneous AD games involve both players developing their strategies independently
and without knowledge of the other’s strategy and decision. Sequential DA games involve the
defender implementing his/her defense strategy, with the attacker acting only after observing said
defense strategy. Here, the players’ decisions are optimal, meaning that they are done to
maximize the player’s advantage. Sequential AD games involve the attacker acting first and
executing an optimal strategy, with the defender being tasked with observing and responding
appropriately to it. Sequential DAD games are similar to sequential DA games, the exception
being that after the attack, the defender will respond to it. Simultaneous DD games involve
multiple investments into defense systems by multiple defenders. These are often in response to
exogenous threats (i.e., threats that are unrelated to the defenders’ decisions). The defensive
investment may have positive or negative impacts on those of other defenders.
2
Some researchers interested in game theory as it applies to infrastructure security create
and deploy real-life applications of their models. One such researcher, Milind Tambe, along with
his research group, developed an Assistant for Randomized Monitoring Over Routes (ARMOR)
to strategically allocate police checkpoints and canine units using game theory, having been in
use at the Los Angeles International Airport since 2007 (Tambe et al., 2012). Another application
developed by Tambe and his group was IRIS or Intelligent Randomization In Scheduling.
Having been in use since 2009, the application is used by the US Air Marshal Service to place
Air Marshals on aircraft carriers. The Marshals act as the “defenders,” following a specified
flight coverage schedule, while terrorists act as the “attackers” and attempt to hijack the flight.
Similar systems have been used in the port of Boston since 2011 (called PROTECT), and
TRUSTS by the Los Angeles Police Department for use in the LA Metro for fare inspection
(Tambe et al., 2012).
When it comes to attacks on key utility infrastructure such as nuclear power plants,
natural gas pipelines, and water treatment facilities, hackers can breach their cybersecurity
network protections, and inflict severe damage not only to the infrastructure but potentially to the
public as well. Such an incident occurred in Florida in 2021, during which a hacker breached a
water treatment plant and increased the amount of sodium hydroxide to be present in the water to
a level one hundred times higher than the normal, safe amount (Bergal, 2021). Another similar
example was the 2017 Triton Malware Attack on a petrochemical plant in Saudi Arabia, in which
hackers compromised the plant’s secure network. Luckily, the hackers failed to achieve their goal
to inflict severe damage on the plant, but had they succeeded, such an attack would have led to
an explosion or a release of toxic gas (Giles, 2019). Given the rapidly evolving threats (both
physical and cyber) on critical infrastructure and the associated homeland security concerns, the
3
paradigm shift in the way infrastructure security is ensured and addressed has changed from
relying on trial and error, to increasingly relying on game theory, which helps researchers not
only understand the methods of attack but also the motivations for them (Manshaei et al., 2013).
Therefore, it may be useful for us to discover how the research in this domain has evolved, how
much certain countries and journals have contributed to this research, and how influential
publications in this field have grown in importance over time.
1.2.
Research Questions
This research gathers publicly available literature about game theory in the context of
infrastructure protection, with the aim to answer the questions regarding the evolution of the
aforementioned body of research over time. In particular, this research investigates how much
certain authors and countries have contributed to research in this domain, what the most
significant papers, journals, or references are, how they have grown in importance over the years,
and finally, how authorship of the publications has changed over the years.
1.3.
Research overview and tools used
This research will take specifically the form of bibliometric analysis, a research method
for analyzing a body of research in a specific field, allowing for the discovery of publication
trends and the thematic makeup of those publications (Donthu et al., 2021). While supported by a
plethora of applications, the two main applications to be used are VOSviewer, a tool for
bibliographic analysis, and Scopus, a database from which the body of work will be extracted.
From Scopus, citations to the articles of interest were obtained and used to answer the questions
of how research in different realms of game theory and infrastructure security has evolved, as
well as how the most cited papers and journals have changed in importance over the years.
Bibliometric analysis was performed on the papers using VOSviewer, which provided us with
4
graphical visualizations of the variety of ways the publications relate to each other. Performing a
citation, co-citation, and bibliographic coupling analysis determined the thematic makeup of
published work in the game theory-infrastructure realm and the significance of certain journals
and authors.
2. Methodology
2.1.
Data
Scopus is an abstract and citation database owned by Elsevier.1 It provides access to
thousands of articles from peer-reviewed journals from many different disciplines. ASU’s
subscription to the service allowed the website to be accessed seamlessly and free of charge. In
early September of 2021, a list of 15 query strings was created. These query strings consisted of
words related to game theory and infrastructure security (e.g “game,” “theory,” “infrastructure,”
“security,” “modeling,” etc.) separated by either the AND or OR operator. Once entered into the
search bar, these query strings returned all the documents that fulfill the conditions of the query
string. Scopus also has an option to search based on abstract, title, keywords, or all fields, among
other parameters. Originally, a search based on abstract and title was planned, but it was decided
that searching based on keywords only would be the best course of action due to the excessively
large number of results and the need to pare them down to a manageable workload.
After the results were generated, the results were filtered for only English results. Once the
desired results were acquired, Scopus has an option to export all results to CSV format. Selecting
this option opens a menu in which certain metrics can be included as columns in the CSV to be
generated. The criteria selected for the purposes of this project are shown in Figure 1.
The most important criteria of interest to this research were author, year, source title,
affiliations (which provide information on the country of publication), author and index
1
For more information about Scopus, visit https://www.elsevier.com/solutions/scopus.
5
keywords, and references. A table, shown in Table 1, was created to document the number of
results returned, the highest of which was generated by the string game AND theory AND
infrastructure, having 568 results.
Figure 1: The criteria selection menu in Scopus.
6
Table 1: The table used to track the number of results returned by the query string
Query String
Number of Results Returned
game AND theory AND infrastructure AND security
131
game AND theory AND infrastructure
568
Game AND theory AND infrastructure AND protection
35
Mathematical AND modeling AND infrastructure AND security AND
game AND theory
0
critical AND infrastructure AND game AND theory
64
mathematical AND modeling AND infrastructure AND security
20
mathematical AND modeling AND infrastructure AND protection
14
risk AND modeling AND infrastructure AND security
108
threat AND assessment AND infrastructure AND security
159
threat AND assessment AND infrastructure AND security AND model
AND game AND theory
2
game AND theory AND terrorism
164
Game AND theory AND cybersecurity AND infrastructure
6
Game AND theory AND cyber AND security AND infrastructure
32
Game AND theory AND cybersecurity
104
Game AND theory AND cyber AND security
348
For big-picture analysis, the CSVs for each query string were combined via copy-paste into one
large CSV file, shown in Figure 3. The duplicate titles were removed, removing over 400 entries
from the CSV, resulting in a total of 1,244 publications. This file represents the selected body of
literature and was the basis of all graphical visualizations of trends created from this point
onward.
7
Figure 2: A screenshot of the combined CSV. For the sake of image quality, this image was
cropped to only show a sliver of the entire CSV, as it has columns that span from A to GC and
encompasses 1,244 rows.
2.2.
Bibliometric Analysis
Bibliometric analysis is a research method used by scholars to analyze trends in the
popularity and relevance of journals and articles and to explore the thematic and intellectual
makeup of a body of research by way of analyzing collaboration patterns and citation patterns
(Donthu et al., 2021). VOSviewer2 is a tool for bibliometric analysis and is one of many tools
that provide visualizations of how the publications relate to each other. These visualizations
appear as massive webs, with nodes representing the authors, countries, or publication outlets
(i.e., journals), and lines connecting them representing relationships between them. The nodes
are organized into clusters of closely-related publications. Specifics of these relations will be
explained further in this section. Relatedness can also appear as heatmaps, which show brightly
colored spots instead of clusters of nodes. The brighter the spots, the more clustering there is
(Van Eck and Waltman, 2018).
While the process for bibliometric analysis varies among authors and publications, the
2
For more information about VOSviewer, visit https://www.VOSviewer.com/. VOSviewer was chosen because of
its compatibility with Scopus. Other related tools required subscriptions to Web of Science, which ASU does not
have.
8
three most commonly used techniques are bibliographic coupling, co-citation analysis, and
citation analysis (Donthu et al., 2021). Bibliographic coupling indicates the level of overlap
between two nodes, wherein a node represents a publication. The nodes are said to be
bibliographically coupled if they both cite an external source, therefore sharing a reference. The
strength of this relationship is represented by a positive number called the link strength, and the
higher the link strength, the stronger the relationship between the nodes is, and the more overlap
there is between their references. The co-citation metric represents the frequency at which two
publications are cited together, i.e., they appear together in the reference list of another
publication. A higher link strength corresponds to a higher frequency in which the two
publications appear in the reference lists of other documents. Finally, the citations metric
represents the number of times a publication is cited. A link between two nodes means that one
publication cites the other. The link strength is proportional to the frequency by which one
document cites the other. For each bibliographic map, both the regular network and the heatmap
(density map) were generated.
2.3
Publication Trends
In keeping with our research questions, the contributions from authors and countries,
trends in the number of publications per year, trends in the importance of selected publications,
and trends in the authorship of publications (i.e., how the number of authors of a publication
changed over time) were analyzed and depicted visually. Information from the VOSviewer maps
and Scopus was obtained to create tables and graphs.
9
Figure 3: Flowchart outlining the high-level overview of the methodology
3. Results and Significance of Findings
3.1
Authors Most Similar in Subject Matter
A bibliographic coupling by the author was performed in order to obtain a preliminary
idea of the authors to consider when searching for significant authors. The resulting map is
shown in Figures 4a and 4b. Figure 4b shows the relative homogeneity of the body of research in
this area and suggests that while there may be many clusters, the publications are more alike than
different. These clusters are formed based on link strength, or in this case, how frequently they
cite the same external source. Smaller clusters indicate more isolated, compartmentalized bodies
of work. One such cluster, for example, represented by a gray node is dominated by Chen Q.
(Qianbin Chen), having published 3 documents and with a link strength of 144. His research
focuses attention on ad hoc networks and mobile networks. One paper studies how such
networks relate to vehicle and infrastructure communication (Chen et al., 2014).
10
In a more heterogeneous research domain, multiple hotspots would appear on this map
rather than one large spot. One can surmise that this may be due to how relatively young this
research domain is.
11
Figures 4a and 4b: Bibliographic coupling by the author, visualized by the network map and
heatmap respectively
As can be seen from Figure 4a, Zhu Q. (Quanyan Zhu), represented by the purple node,
stands out as the author with the most bibliographic couplings, due to the size of the
corresponding node compared to all other nodes. He has contributed 35 documents and has a link
strength of 12,470. One of his papers, “Adaptive Strategic Cyber Defense for Advanced
Persistent Threats in Critical Infrastructure Networks,” investigates the connection between
game theory, specifically Bayesian games, and protecting critical infrastructure, both physical
and cyber (Zhu and Huang, 2018). He and Chen J. (Juntao Chen, with 14 documents and a link
strength of 3,751), another author, belong in the same cluster, as both of their corresponding
nodes are purple. Chen J. and Zhu Q. share authorship of 11 documents and publications
regarding game-theoretic approaches to protecting critical infrastructure (especially on the topic
of Smart Grid networks) from not only physical attacks but also cyber-attacks, such as data
12
injection attacks, for example. They, along with Touati C. (Corinne Touati), have written a paper
called “A Dynamic Game Approach to Strategic Design of Secure and Resilient Infrastructure
Network,” another paper that links game theory to both physical infrastructure security and
cybersecurity (Zhu et al., 2020).
Another prominent author represented in Figure 4a by the yellow node with a link
strength of 6,733 and 16 documents, was Kamhoua C.A. (Charles A. Kamhoua), who has written
papers in the areas of game theory, cyber security, and the internet of things. His corresponding
node is located directly adjacent to Kwiat K.A (Kevin A. Kwiat), who, like Kamhoua, has
published papers relating game theory to cybersecurity and the internet of things. One of their
most cited papers, titled “Game-theoretic modeling of security and interdependency in a public
cloud,” investigates the relationship between game theory and public cloud platform security by
utilizing a mathematical framework (Kamhoua et al., 2014). The link between their nodes has the
highest link strength of 613, and together, they share the authorship of 31 documents in total.
Interestingly, when hovering over his corresponding node in VOSviewer, it was discovered to
branch out to other nodes that were located mostly within the same cluster, one notable exception
being Zhu Q. This seemed to corroborate the earlier findings and suggested that his, and Kwiat’s
research was more narrow in focus, concentrating on game theory as it relates to cyber security
rather than critical infrastructure protection.
Similarly, another key author, Panaousis E. (Emmanouil Panaousis), with 13 associated
documents, was found to be bibliographically coupled with authors that mostly belonged to the
same cluster, (with one exception again being Zhu Q.), suggesting that this author’s area of
research is concentrated in one specific discipline His strongest bibliographic coupling, with link
strength 613, is with Rass S. (Stefan Rass), who has published 7 papers in this research body,
13
that are mainly focused on cyber and mobile networks. Their most cited paper, with 6 citations,
is titled “Cut-The-Rope: A Game of Stealthy Intrusion,” and it focuses on advanced persistent
threats (APTs) which are stealthy attackers that penetrate computer networks and remain
undetected for long periods of time. They employ a game-theoretic model, with the APTs
representing the “attackers” or “terrorists,” to devise a strategy to “cut the rope” or to minimize
the attacker’s odds of reaching a critical area (Panaousis et al., 2019).
Vorobeychik Y. (Yevgeniy Vorobeychik), represented by a blue node in Figure 4a,
published 8 documents and had a total link strength of 3,095, linked Zhu Q. to another influential
author, Tambe M. (Milind Tambe). It was determined that publications authored (or partly
authored) by Tambe and Vorobeychik tended to reflect the applications of game theory to both
cybersecurity and critical infrastructure security. One such paper of which Tambe and
Vorobeychik, among other authors, share authorship was titled “Security games with surveillance
cost and optimal timing of attack execution.” This publication focuses primarily on Stackelberg
games, a specific category of game in game theory, and their applications to critical
infrastructure security (Vorobeychik et al., 2013). This paper is their most cited work, with 44
citations.
Rao N.S.V (Nageswara S.V Rao), having contributed 14 documents, was also determined
to branch within the same cluster, while also sharing common references with Zhu Q., as evident
by the link between them. His research focus was on cyber-physical infrastructures. His most
popular work, with 39 citations, “Defense of Cyber Infrastructures Against Cyber-Physical
Attacks Using Game-Theoretic Models,” discusses game-theoretic models that take both cyber
and physical infrastructures into account, as cyberinfrastructure relies on not just cyber
components, but also physical components (Rao et al., 2016).
14
3.2.
Most Co-Cited Sources
The next step was to perform a co-citation analysis. Two sources are connected if they are
both cited in another document. The results are shown in Figures 5a and 5b.
15
Figures 5a and 5b: Co-citation by source, visualized by the network map and heatmap
respectively
There are 13 clusters that represent the disciplines of computer science and mathematical and
statistical modeling. IEEE Transactions on Smart Grid,3 represented by the large red node on the
right-hand side of Figure 5a, was found to be the most influential source, having a link strength
of 3,803 and 268 co-citations. IEEE Transactions on Smart Grid is an interdisciplinary journal
that encompasses publications relating to the development of the Smart Grid, an electrical grid
with the ability to communicate with automation and IT systems. This ties directly into the main
subject area of interest to us: critical infrastructure. However, given that many of the authors
discovered also published papers in cybersecurity, it is no surprise that this journal has been
co-cited with other references in other clusters.
3
For more information on IEEE Transactions on Smart Grid, visit
https://ieeexplore.ieee.org/xpl/RecentIssue.jsp?punumber=5165411.
16
The European Journal of Operations4 and Risk Analysis,5 both green nodes located on the
left of Figure 5a, were determined to be the two most influential references in the green cluster,
with 105 citations. The European Journal of Operations is concerned primarily with, as the title
suggests, operational research, i.e., using analytical, statistical, and stochastic methods to
improve decision-making. Risk Analysis, with 104 citations, is, as the title suggests, concerned
with the subject of using mathematical principles to analyze and mitigate risk.
Interestingly, Econometrica,6 represented by a red node between the red and green
clusters in Figure 5a, with 117 citations, was found to be a journal that linked the red cluster to
the green cluster. This is a journal that encompasses publications regarding a variety of principles
of applied economics. It especially deals in econometrics, the intersection of statistics and
economics.
Residing in the pink cluster in Figure 5a with a link strength of 2,774 and with 115
citations is the journal Automatica.7 This journal’s subject matter is in the area of systems and
control, the discipline of applying mathematical and computational principles for the modeling
and control of systems. It has applications in a variety of fields, but in this case, the field of
interest is cyber security and infrastructure security. Given that it serves as the bridge between
the three largest clusters, it can be inferred that it serves as a broad reference for authors who
published papers relating specifically to mathematical modeling, protecting the smart grid,
energy, and engineering.
When the bibliographic coupling by the author was performed and the heatmap was
generated and analyzed, the picture suggested a relatively homogeneous body of research, with
4
For more information on the European Journal of Operations, visit
https://www.journals.elsevier.com/european-journal-of-operational-research.
5
For more information on Risk Analysis, visit https://onlinelibrary.wiley.com/journal/15396924.
6
For more information on Econometrica, visit https://onlinelibrary.wiley.com/journal/14680262.
7
For more information on Automatica, visit https://www.journals.elsevier.com/automatica.
17
authors who published in the same domain having large overlaps in their reference lists.
However, as can be seen in Figure 7, there are two large clusters, suggesting that the primary
thematic makeup of this body of research is mathematical modeling, systems and control, and
engineering, all incredibly broad fields. Therefore, given the heatmap and the journals of interest,
it can be inferred that current research in this field is highly clustered in two main disciplines:
engineering/computing, and mathematical modeling.
3.3.
Most Cited Sources
A citation analysis of the sources allowed for the determination of the pattern of citations
in this body of research, the results of which are shown in Figures 6a and 6b. Two striking
findings arose from this stage. First of all, the clusters and the total link strength were much
smaller than those in the co-citation mapping. Second of all, while the most influential source
matched that of the co-citation analysis (IEEE Transactions on Smart Grid, with 15 documents
and a link strength of 37), another prominent source that was not mentioned in the previous stage
arose with a link strength of 32. This was found to be Lecture Notes in Computer Science
(including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in
Bioinformatics),8 with 66 publications. Seminal sources from the co-citation analysis remained
influential within their own clusters (e.g., Risk Analysis, and the European Journal of
Operational Research).
8
For more information on Lecture Notes in Computer Science, visit https://www.springer.com/series/558.
18
Figures 6a and 6b: Citation by source, visualized by the network map and heatmap respectively
19
It is important to note that while the Lecture Notes in Computer Science node is not as influential
as the IEEE transactions node, it appears larger because it has more documents associated with
it.
Lecture Notes in Computer Science is a series of books that includes the aforementioned
subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics. This set of
publications is committed to publishing and documenting new developments in computer science
and information technology. Its repeated appearance as the top-contributing reference for many
query strings suggests that the field of game theory and critical infrastructure security has been
heavily syncretized with computer science, and has transcended the realm of math and statistics,
thus highlighting a key phase of evolution in the research in this domain. One reason that this
reference did not feature as prominently in the co-citation network could be that it is a series of
books that are composed primarily of conference proceedings, rather than a journal composed of
a myriad of articles. Therefore, authors may prefer to cite the specific conference proceeding
relevant to their research, rather than the entire series.
While there is a link between Lecture Notes in Computer Science and IEEE Transactions
on Smart Grid (indicating that publications within these journals cite each other), there is no link
between Lecture Notes in Computer Science or IEEE Transactions on Smart Grid and European
Journal of Operational Research. There is a link, however, between the European Journal of
Operational Research and Risk Analysis, and between Risk Analysis and IEEE Transactions on
Smart Grid.
Another influential source that appeared in this mapping was Reliability Engineering and
System Safety.9 This journal deals primarily with the safety and reliability of key elements of
9
For more information on Reliability Engineering and System Safety, visit
https://www.journals.elsevier.com/reliability-engineering-and-system-safety.
20
infrastructure such as nuclear power plants, hazardous waste facilities, factories, and
transportation systems, among others. This journal was found to have links to IEEE Transactions
on Smart Grid, Risk Analysis, and the European Journal of Operational Research and Risk
Analysis, but not to Lecture Notes in Computer Science. In fact, the only one of these
publications with a link to Lecture Notes in Computer Science was IEEE Transactions on Smart
Grid.
To summarize our first key finding from this analysis, out of the European Journal of
Operational Research, Risk Analysis, Reliability Engineering and System Safety, and IEEE
Transactions on Smart Grid, IEEE Transactions on Smart Grid is the only journal with a
connection to Lecture Notes in Computer Science. Second of all, the European Journal of
Operational Research connects to Risk Analysis and Reliability Engineering and System Safety.
Once again, this shows that the thematic makeup and intellectual dynamics of this body of
research generally fall within two areas: the engineering/computing component, and the
mathematical/statistical component, and Reliability Engineering and System Safety is the journal
that synthesizes these two disciplines, as it was found earlier to be the bridge between these two
disciplines. As seen in Figure 6b, the European Journal of Operational Research is located in an
isolated cluster, while IEEE Transactions on Smart Grid, Risk Analysis, and Reliability
Engineering and System Safety are located in the large central cluster, albeit in different
locations.
3.4
Publication Trends
After the bibliometric analysis stage came the performance analysis stage, the first step of
which was documenting the change in the number of publications over the years.
21
Figure 7: The number of publications in a given year over time from 2002 onward.
As shown in Figure 7, there was a clear trend upward in the number of papers published. The
peak publishing period occurred from roughly 2017 to 2020. This trend is not surprising given
that game theory and infrastructure security is a relatively young field, as evident from the
absence of any publications prior to 2002, and the low levels of activity from 2002 to 2009.
Given that the bulk of publishing activity happened within the last 5 years, a clear, general
upward trajectory in publishing activity for the foreseeable future is not out of the question.
The next step was to determine the countries that contributed the most to research in this
area as another area of research. To obtain the number of publications contributed by countries,
VOSviewer was used to bibliographically couple the documents by country. VOSViewer obtains
this information from the “Affiliations” criteria in Scopus, in which the country of publication is
listed. After listing the countries and the corresponding number of documents in columns, a chart
22
was created with countries on the x-axis and the number of publications on the y-axis.
Figure 8: Analysis of contributions by country.
As evident from Figure 8 above, the United States by far has contributed the most publications to
this research domain, with China, and the United Kingdom appearing in second and third place
respectively.
The next stage was to document the performance of certain publications and journals. Of
particular interest to us were the journals found to be influential in the earlier science mapping
stage. First of all, the change in performance of Lecture Notes in Computer Science was tracked.
It first appeared in 2008, contributing only 1 publication, followed by 7 publications in 2012, 3
in 2013, 6 in 2014, 9 in 2015, 8 in 2016, 16 in 2017, 21 in 2018, 17 in 2019, and 8 in 2020.
Reliability Engineering and System Safety began with 1 article in 2009, 1 article in 2010, 5 in
2015, 1 article in 2019, and 6 in 2020. The European Journal of Operational Research
contributed its first publication in 2012, followed by 2 in 2014, 3 in 2015, 2 in 2017, and 5 in
2019. Risk Analysis began its contributions with 7 articles in 2016, 1 in 2019, and 3 in 2020. The
23
remaining publications came from a slew of proceedings and IEEE transactions.
The next stage was documenting the growth of the most cited papers by creating a
histogram for each one. One such example is shown in Figure 9.
Figure 9: A histogram documenting the number of times a paper of interest was cited over the
years. In this case, the paper in question is titled “A Game theory approach to measuring the
performance reliability of transport networks.”
Our findings from this step showed that all papers followed the general trend of peaking in
importance during the mid-late 2010s, with some patterns being more erratic than others.
The final task was to analyze trends in the authorship of the publications. The maximum
number of authors of a given document was found to be 16 authors. There were 70 documents
with 1 author, 290 documents with 2 authors, 334 documents with 3 authors, 253 with 4 authors,
159 with 5 authors, 94 with 6 authors, 14 with 7 authors, 17 with 8 authors, 6 with 9 authors,
1with 10 authors, 1 with 13 authors, and 1 with 16 authors. Regarding the change in authorship,
24
no clear trend was discovered, as it appeared erratic, not following the clear upward trend seen in
publication numbers over the years.
4. Conclusions and Considerations for Future Research
In the relatively new but burgeoning research domain of game theory and infrastructure
security, analyzing research trends provides insights into how the research has changed in topic
or relevance. Based on our research, it can be concluded that game theory as it relates to
infrastructure security has not yet reached a point in which it has become so large of a domain
that multiple, distinct sub-disciplines within it emerge, as publications that concern themselves
with a specific application of this field remain connected to publications in other disciplines. The
analysis of key journals revealed potential emerging disciplines within this research topic, which
may include statistical or stochastic modeling, computer science, cybersecurity, econometrics,
and civil engineering. Therefore, it remains to be seen how this research domain will
differentiate into well-defined, discrete sub-disciplines in the future.
One consideration for further future research is to delve deeper into the actual content of
these papers and examine the research domain more closely via natural language processing.
This would help us answer the questions as to what types of games are discussed in this
application of game theory (co-operative or non-cooperative, etc.), what types of infrastructure
are discussed most often, and what types are overlooked and have yet to be fully researched, for
instance. It would also allow us to perform an in-depth textual analysis and develop a coding
protocol to sort and organize the papers by discipline. As this project was mainly concerned with
references, citations, and keywords, we would be presented with the opportunity to peruse the
actual contents of the papers, rather than perform a surface-level analysis.
25
References:
[1] Bergal, J. (2021, March 10), Florida hack exposes danger to water systems. The Pew
Charitable
Trusts.
Retrieved
April
28,
2022,
from
https://www.pewtrusts.org/en/research-and-analysis/blogs/stateline/2021/03/10/florida-hack-exp
oses-danger-to-water-systems#:~:text=5%2C%20a%20plant%20operator%20for,100%20times%
20higher%20than%20normal.
[2] Bier, V. M., & Tas, S. (2012). Game theory in infrastructure security. Critical Infrastructure
Security, 91–104. https://doi.org/10.2495/978-1-84564-562-5/06
[3] Chai, R., Lv, Y., Yang, B., & Chen, Q. (2014). Cooperative game based Relay Vehicle
Selection Algorithm for Vanets. 2014 14th International Symposium on Communications and
Information Technologies (ISCIT). https://doi.org/10.1109/iscit.2014.7011864
[4] Chen, J., Touati, C., & Zhu, Q. (2019). A dynamic game approach to strategic design of
secure and Resilient Infrastructure Network. IEEE Transactions on Information Forensics and
Security, 15, 462–474. https://doi.org/10.1109/tifs.2019.2924130
[5] Donthu, N., Kumar, S., Mukherjee, D., Pandey, N., & Lim, W. M. (2021). How to conduct a
bibliometric analysis: An overview and guidelines. Journal of Business Research, 133, 285–296.
https://doi.org/10.1016/j.jbusres.2021.04.070
[6] Giles, M. (2019, March 5). Triton is the world's most murderous malware, and it's spreading.
MIT
Technology
Review.
Retrieved
May
2,
2022,
from
https://www.technologyreview.com/2019/03/05/103328/cybersecurity-critical-infrastructure-trito
n-malware/
26
[7] Huang, L., & Zhu, Q. (2019). Adaptive strategic cyber defense for advanced persistent threats
in critical infrastructure networks. ACM SIGMETRICS Performance Evaluation Review, 46(2),
52–56. https://doi.org/10.1145/3305218.3305239
[8] Kamhoua, C. A., Kwiat, L., Kwiat, K. A., Park, J. S., Zhao, M., & Rodriguez, M. (2014).
Game theoretic modeling of security and interdependency in a public cloud. 2014 IEEE 7th
International Conference on Cloud Computing, 514–521. https://doi.org/10.1109/cloud.2014.75
[9] Manshaei, M. H., Zhu, Q., Alpcan, T., Bacşar, T., & Hubaux, J.-P. (2013). Game theory meets
network
security
and
privacy.
ACM
Computing
Surveys,
45(3),
1–39.
https://doi.org/10.1145/2480741.2480742
[10] Rass, S., König, S., & Panaousis, E. (2019). Cut-the-rope: A game of stealthy intrusion.
Lecture Notes in Computer Science, 404–416. https://doi.org/10.1007/978-3-030-32430-8_24
[11] Tambe, M., Jain, M., Pita, J. A., & Jiang, A. X. (2012). Game theory for security: Key
algorithmic principles, deployed systems, Lessons Learned. 2012 50th Annual Allerton
Conference
on
Communication,
Control,
and
Computing
(Allerton).
https://doi.org/10.1109/allerton.2012.6483443
[12] Van Eck, N. J., & Waltman, L. (2018). VOSviewer manual. Leiden: Univeristeit Leiden,
1(1), 1-53.
[13] Vorobeychik, Y., An, B., Brown, M., & Tambe, M. (2013). 12th International Conference on
Autonomous Agents and Multiagent Systems 2013, AAMAS 2013. In 12th International
Conference on Autonomous Agents and multiagent systems 2013 (AAMAS 2013): Saint Paul,
Minnesota, USA, 6-10 May 2013 (pp. 223–230). St. Paul, MN, USA.
27
[14] Rao, N. S., Poole, S. W., Ma, C. Y., He, F., Zhuang, J., & Yau, D. K. (2016). Defense of
cyber infrastructures against cyber‐physical attacks using game‐theoretic models. Risk Analysis,
36(4), 694–710. https://doi.org/10.1111/risa.12362
Related documents
CLASSROOM DISCUSSION POINT 2022
CLASSROOM DISCUSSION POINT 2022
Download
advertisement