The focus of this review is the long and broad history of attacker-defender games as a foundation for the narrower and shorter history of cyber security. The purpose is to illustrate the role of game theory in cyber security and which areas have received attention and to indicate future research...

A four period game between two firms and two hackers is analyzed. The firms first defend and the hackers thereafter attack and share information. Each hacker seeks financial gain, beneficial information exchange, and reputation gain. The two hackers’ attacks and the firms’ defenses are...

In a two-period game, Player 1 produces zero-day exploits for immediate deployment or stockpiles for future deployment. In Period 2, Player 1 produces zero-day exploits for immediate deployment, supplemented by stockpiled zero-day exploits from Period 1. Player 2 defends in both periods. The...