Skip to main content

Research Repository

Advanced Search

A Game Theoretical Method for Cost-Benefit Analysis of Malware Dissemination Prevention

Spyridopoulos, Theodoros; Maraslis, Konstantinos; Mylonas, Alexios; Tryfonas, Theo; Oikonomou, George

A Game Theoretical Method for Cost-Benefit Analysis of Malware Dissemination Prevention Thumbnail


Konstantinos Maraslis

Alexios Mylonas

Theo Tryfonas

George Oikonomou


Copyright © Taylor & Francis Group, LLC. Literature in malware proliferation focuses on modeling and analyzing its spread dynamics. Epidemiology models, which are inspired by the characteristics of biological disease spread in human populations, have been used against this threat to analyze the way malware spreads in a network. This work presents a modified version of the commonly used epidemiology models Susceptible Infected Recovered (SIR) and Susceptible Infected Susceptible (SIS), which incorporates the ability to capture the relationships between nodes within a network, along with their effect on malware dissemination process. Drawing upon a model that illustrates the network’s behavior based on the attacker’s and the defender’s choices, we use game theory to compute optimal strategies for the defender to minimize the effect of malware spread, at the same time minimizing the security cost. We consider three defense mechanisms: patch, removal, and patch and removal, which correspond to the defender’s strategy and use probabilistically with a certain rate. The attacker chooses the type of attack according to its effectiveness and cost. Through the interaction between the two opponents we infer the optimal strategy for both players, known as Nash Equilibrium, evaluating the related payoffs. Hence, our model provides a cost-benefit risk management framework for managing malware spread in computer networks.


Spyridopoulos, T., Maraslis, K., Mylonas, A., Tryfonas, T., & Oikonomou, G. (2015). A Game Theoretical Method for Cost-Benefit Analysis of Malware Dissemination Prevention. Information Security Journal: A Global Perspective, 24(4-6), 164-176.

Journal Article Type Article
Acceptance Date Sep 6, 2015
Publication Date Dec 31, 2015
Deposit Date Mar 16, 2016
Publicly Available Date Mar 23, 2016
Journal Information Security Journal
Print ISSN 1939-3555
Electronic ISSN 1939-3547
Publisher Taylor & Francis
Peer Reviewed Peer Reviewed
Volume 24
Issue 4-6
Pages 164-176
Keywords epidemiology models, game theory, malware proliferation, network security, SIR, SIS
Public URL
Publisher URL
Additional Information Additional Information : This is an Accepted Manuscript of an article published by Taylor & Francis in Information Security Journal: A Global Perspective on 09 October 2015, available online:


You might also like

Downloadable Citations