FlipLeakage: A game-theoretic approach to protect against stealthy attackers in the presence of information leakage

Sadegh Farhang, Jens Grossklags

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

21 Scopus citations

Abstract

One of the particularly daunting issues in the cybersecurity domain is information leakage of business or consumer data, which is often triggered by multi-stage attacks and advanced persistent threats. While the technical community is working on improved system designs to prevent and mitigate such attacks, a significant residual risk remains that attacks succeed and may not even be detected, i.e., they are stealthy. Our objective is to inform security policy design for the mitigation of stealthy information leakage attacks. Such a policy mechanism advises system owners on the optimal timing to reset defense mechanisms, e.g., changing cryptographic keys or passwords, reinstalling systems, installing new patches, or reassigning security staff. We follow a game-theoretic approach and propose a model titled FlipLeakage. In our proposed model, an attacker will incrementally and stealthily take ownership of a resource (e.g., similar to advanced persistent threats). While her final objective is a complete compromise of the system, she may derive some utility during the preliminary phases of the attack. The defender can take a costly recovery move and has to decide on its optimal timing. Our focus is on the scenario when the defender can only partially eliminate the foothold of the attacker in the system. Further, the defender cannot undo any information leakage that has already taken place during an attack. We derive optimal strategies for the agents in FlipLeakage and present numerical analyses and graphical visualizations.

Original languageEnglish
Title of host publicationDecision and Game Theory for Security - 7th International Conference, GameSec 2016, Proceedings
EditorsEmmanouil Panaousis, Milind Tambe, Tansu Alpcan, William Casey, Quanyan Zhu
PublisherSpringer Verlag
Pages195-214
Number of pages20
ISBN (Print)9783319474120
DOIs
StatePublished - 2016
Externally publishedYes
Event7th International Conference on Decision and Game Theory for Security, GameSec 2016 - New York, United States
Duration: 2 Nov 20164 Nov 2016

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume9996 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Conference

Conference7th International Conference on Decision and Game Theory for Security, GameSec 2016
Country/TerritoryUnited States
CityNew York
Period2/11/164/11/16

Fingerprint

Dive into the research topics of 'FlipLeakage: A game-theoretic approach to protect against stealthy attackers in the presence of information leakage'. Together they form a unique fingerprint.

Cite this