Regulatory mechanism of vulnerability disclosure behavior considering security crowd-testing: An evolutionary game analysis

Abstract: The security crowd-testing regulatory mechanism is a vital means to promote collaborative vulnerability disclosure. However, existing regulatory mechanisms have not considered multi-agent responsibility boundaries and stakeholders’ conflicts of interest, leading to their dysfunction. Distinguishing from previous research on the motivations and constraints of ethical hacks’ vulnerability disclosure behaviors from a legal perspective, this paper constructs an evolutionary game model of SRCs, security researchers… Show more