Using Game Theory to Protect Customers

Our work employs game-theoretic models and other formal mathematical models, together with statistical analysis and extensive empirical analysis of the Internet based on anti-spam/phishing organizations. One of the results of the project is a prototype reputation system for organizations and blocklists.

We’ve launched websites in Asia (joint work with City University of Hong Kong) and the United States, displaying rankings by the number of spam messages and phishing websites of Autonomous Systems (groups of IP addresses) of medical and other organizations in the United States and six countries (Hong Kong, Mainland China, Macau, Taiwan, Singapore, and Malaysia) in Asia.

These websites encourage organizations to improve their security, thereby prohibiting the unethical use of their servers to generate spam and to host phishing websites.

Top Five Organizations with Most Spam and Phishing Volume in Asian Countries

(September 2017)

Borda ranking based on CBL, PSBL, APWG, and OpenPhish

1. China Internet Network Information Center, China
2. Alibaba Technology Co. Ltd., China
3. New World Telecommunications Ltd., Hong Kong
4. Chunghwa Telecom Co. Ltd., Taiwan
5. China Mobile Co. Ltd., China

Acknowledgements and Disclaimer

Any opinions, findings, and conclusions, or recommendations expressed in this material are those of the author(s) and do not necessarily reflect the views of the National Science Foundation or any of the data sources listed.

National Science Foundation

The Cybersecurity Project is based upon work supported by the NSF under Grant No. 1718600 1228990 and 0831338. SaTC: Core: Small: Information Disclosure and Security Policy Design: A Large-Scale Randomization Experiment in Trans-Pacific Region.

Data Sources

We gratefully acknowledge custom data from CBL, PSBL, APWG, OpenPhish, and Team Cymru.