Document Type



Confronted with the increasingly severe information security problems, proper configuration of security technologies is critical to enhance the information systems performance. To solve the integrated linkage control problem based on attack detection, the security model including firewall, intrusion detection system (IDS) and vulnerability scan is analyzed by game theory. The analyses show that more IT portfolio will not bring better benefits, and more fixed vulnerabilities are not the better choice for the firm either. However, reasonable configuration of firewall will always reduce the firm’s expected loss. According to the Nash equilibrium of the model, technical parameters are configured to minimize the firm’s expected loss.