Signal Game Analysis between Software Vendors and Third-Party Platforms in Collaborative Disclosure of Network Security Vulnerabilities
The global network threat is becoming more and more serious, and network security vulnerability management has become one of the critical areas in the national information security emergency system construction. To guide the third-party sharing platforms regarding network security vulnerability mana...
Saved in:
| Main Authors: | , , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
Wiley
2023-01-01
|
| Series: | Complexity |
| Online Access: | http://dx.doi.org/10.1155/2023/1027215 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1849309059287613440 |
|---|---|
| author | Qiang Xiong Yifei Zhu Zhangying Zeng Xinqi Yang |
| author_facet | Qiang Xiong Yifei Zhu Zhangying Zeng Xinqi Yang |
| author_sort | Qiang Xiong |
| collection | DOAJ |
| description | The global network threat is becoming more and more serious, and network security vulnerability management has become one of the critical areas in the national information security emergency system construction. To guide the third-party sharing platforms regarding network security vulnerability management, this work constructs a signal game model comprising third-party vulnerability sharing platforms and software vendors for vulnerability collaborative disclosures. In addition, we analyze the game strategy selection and its influencing factors. The results show that there are two perfect Bayesian equilibria, including separation equilibrium and mixed equilibrium, due to the incomplete lines of information disclosure. The equilibrium state is mainly based on the compression time of the protection period and the existence ratio of the software vendors who develop the patches in the market. This work puts forward some suggestions in terms of the protection period, reputation loss, and relevant laws and regulations. |
| format | Article |
| id | doaj-art-064f84a8cba748bf88cdf2b6653e8fcf |
| institution | Kabale University |
| issn | 1099-0526 |
| language | English |
| publishDate | 2023-01-01 |
| publisher | Wiley |
| record_format | Article |
| series | Complexity |
| spelling | doaj-art-064f84a8cba748bf88cdf2b6653e8fcf2025-08-20T03:54:16ZengWileyComplexity1099-05262023-01-01202310.1155/2023/1027215Signal Game Analysis between Software Vendors and Third-Party Platforms in Collaborative Disclosure of Network Security VulnerabilitiesQiang Xiong0Yifei Zhu1Zhangying Zeng2Xinqi Yang3School of ManagementSchool of ManagementDepartment of Technology and ScienceSchool of ManagementThe global network threat is becoming more and more serious, and network security vulnerability management has become one of the critical areas in the national information security emergency system construction. To guide the third-party sharing platforms regarding network security vulnerability management, this work constructs a signal game model comprising third-party vulnerability sharing platforms and software vendors for vulnerability collaborative disclosures. In addition, we analyze the game strategy selection and its influencing factors. The results show that there are two perfect Bayesian equilibria, including separation equilibrium and mixed equilibrium, due to the incomplete lines of information disclosure. The equilibrium state is mainly based on the compression time of the protection period and the existence ratio of the software vendors who develop the patches in the market. This work puts forward some suggestions in terms of the protection period, reputation loss, and relevant laws and regulations.http://dx.doi.org/10.1155/2023/1027215 |
| spellingShingle | Qiang Xiong Yifei Zhu Zhangying Zeng Xinqi Yang Signal Game Analysis between Software Vendors and Third-Party Platforms in Collaborative Disclosure of Network Security Vulnerabilities Complexity |
| title | Signal Game Analysis between Software Vendors and Third-Party Platforms in Collaborative Disclosure of Network Security Vulnerabilities |
| title_full | Signal Game Analysis between Software Vendors and Third-Party Platforms in Collaborative Disclosure of Network Security Vulnerabilities |
| title_fullStr | Signal Game Analysis between Software Vendors and Third-Party Platforms in Collaborative Disclosure of Network Security Vulnerabilities |
| title_full_unstemmed | Signal Game Analysis between Software Vendors and Third-Party Platforms in Collaborative Disclosure of Network Security Vulnerabilities |
| title_short | Signal Game Analysis between Software Vendors and Third-Party Platforms in Collaborative Disclosure of Network Security Vulnerabilities |
| title_sort | signal game analysis between software vendors and third party platforms in collaborative disclosure of network security vulnerabilities |
| url | http://dx.doi.org/10.1155/2023/1027215 |
| work_keys_str_mv | AT qiangxiong signalgameanalysisbetweensoftwarevendorsandthirdpartyplatformsincollaborativedisclosureofnetworksecurityvulnerabilities AT yifeizhu signalgameanalysisbetweensoftwarevendorsandthirdpartyplatformsincollaborativedisclosureofnetworksecurityvulnerabilities AT zhangyingzeng signalgameanalysisbetweensoftwarevendorsandthirdpartyplatformsincollaborativedisclosureofnetworksecurityvulnerabilities AT xinqiyang signalgameanalysisbetweensoftwarevendorsandthirdpartyplatformsincollaborativedisclosureofnetworksecurityvulnerabilities |