Fuzzy Game Theory for Web Security

Web security threat is an intricate and challenging problem. Researchers have been working on the area of web security. However, the security threats related to web applications still exist. Game theoretic models have been applied to tackle diverse network security threats and have been proved to be useful. This paper focuses on using static fuzzy game theory approach to combat web application security threats. In the web security game, the attacker and the security guard can have too many strategies, which will make the problem computationally more complex and time consuming. Hence, fuzzy mathematics can be used to handle the situation. Hence, a Fuzzy game theoretic approach is proposed based on the interactions between the security guard and the ubiquitous attacker. A non-cooperative game is formulated where the attacker tries to access and modify data assets of an organization and the defender tries to protect the resources. The suboptimal Nash equilibrium guarantees that irrespective of the attacker’s strategy the defender’s strategy is optimal.