Interdependent Defense Games: Modeling Interdependent Security under Deliberate Attacks

We propose interdependent defense (IDD) games, a computational game-theoretic framework to study aspects of the interdependence of risk and security in multi-agent systems under deliberate external attacks. Our model builds upon interdependent security (IDS) games, a model due to Heal and Kunreuther that considers the source of the risk to be the result of a fixed randomizedstrategy. We adapt IDS games to model the attacker’s deliberate behavior. We define the attacker’s pure-strategy space and utility function and derive appropriate cost functions for the defenders. We provide a complete characterization of mixed-strategy Nash equilibria (MSNE), and design a simple polynomial-time algorithm for computing all of them, for an important subclass of IDD games. In addition, we propose a randominstance generator of (general) IDD games based on a version of the real-world Internet-derived Autonomous Systems (AS) graph (with around 27K nodes and 100K edges), and present promising empirical results using a simple learning heuristics to compute (approximate) MSNE in such games.

💡 Research Summary

The paper introduces Interdependent Defense (IDD) games, an extension of the classic Interdependent Security (IDS) framework that explicitly incorporates a strategic attacker rather than treating risk as an exogenous random event. In traditional IDS games, each player decides whether to invest in protection, and the probability of a “bad event” is fixed and independent of any deliberate adversary. The authors argue that many real‑world security scenarios—cyber attacks, terrorism, supply‑chain threats—are driven by attackers who choose targets, and whose success probabilities and contagion effects depend on both the attacker’s actions and the defenders’ security investments.

To capture this, the model adds an attacker with a binary decision vector b ∈ {0,1}ⁿ, where b_i = 1 indicates that defender i is directly targeted. The intrinsic success probability of an attack on i is denoted b p_i, and the conditional probability that an attack propagates from i to a neighbor j is b q_ij. These parameters are multiplied by the attacker’s binary choices, so that direct risk p_i = b_i b p_i and transfer risk q_ij = b_i b q_ij become zero when i is not targeted.

Defenders retain a binary investment decision a_i ∈ {0,1}. A new parameter α_i ∈