An Incentive Mechanism for Reporting Phishing E-Mails Based on the Tripartite Evolutionary Game Model

Abstract

The human is considered as the important link in the phishing attack, and the e-mail security provider encourages users to report suspicious e-mails. However, evidence suggests that reporting is scarce. Therefore, we study how to motivate users to report phishing e-mails in this paper. To solve the problem, a tripartite evolutionary game model among e-mail security providers, e-mail users, and attackers is constructed. We obtain the desired evolutionary stable strategy through solving the replicator dynamics equations. Moreover, the evolution process to the desired evolutionary stable strategy is derived, which can guide the e-mail security provider to make a reasonable incentive mechanism. Lastly, we experiment with a large real-world e-mail network. The experiment results show that our model is effective and practical.