FlipLeakage: A game-theoretic approach to protect against stealthy attackers in the presence of information leakage

Sadegh Farhang, Jens Grossklags

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

11 Citations (Scopus)

Abstract

One of the particularly daunting issues in the cybersecurity domain is information leakage of business or consumer data, which is often triggered by multi-stage attacks and advanced persistent threats. While the technical community is working on improved system designs to prevent and mitigate such attacks, a significant residual risk remains that attacks succeed and may not even be detected, i.e., they are stealthy. Our objective is to inform security policy design for the mitigation of stealthy information leakage attacks. Such a policy mechanism advises system owners on the optimal timing to reset defense mechanisms, e.g., changing cryptographic keys or passwords, reinstalling systems, installing new patches, or reassigning security staff. We follow a game-theoretic approach and propose a model titled FlipLeakage. In our proposed model, an attacker will incrementally and stealthily take ownership of a resource (e.g., similar to advanced persistent threats). While her final objective is a complete compromise of the system, she may derive some utility during the preliminary phases of the attack. The defender can take a costly recovery move and has to decide on its optimal timing. Our focus is on the scenario when the defender can only partially eliminate the foothold of the attacker in the system. Further, the defender cannot undo any information leakage that has already taken place during an attack. We derive optimal strategies for the agents in FlipLeakage and present numerical analyses and graphical visualizations.

Original language: English (US)
Title of host publication: Decision and Game Theory for Security - 7th International Conference, GameSec 2016, Proceedings
Editors: Emmanouil Panaousis, Milind Tambe, Tansu Alpcan, William Casey, Quanyan Zhu
Publisher: Springer Verlag
Pages: 195-214
Number of pages: 20
ISBN (Print): 9783319474120
DOI: https://doi.org/10.1007/978-3-319-47413-7_12
State: Published - Jan 1 2016
Event: 7th International Conference on Decision and Game Theory for Security, GameSec 2016 - New York, United States
Duration: Nov 2 2016 to Nov 4 2016

Publication series

Name: Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume: 9996 LNCS
ISSN (Print): 0302-9743
ISSN (Electronic): 1611-3349

Other

Other: 7th International Conference on Decision and Game Theory for Security, GameSec 2016
Country: United States
City: New York
Period: 11/2/16 to 11/4/16

Fingerprint

Leakage
Attack
Game
Visualization
Systems analysis
Recovery
Timing
Industry
Security Policy
Password
Optimal Strategy
System Design
Patch
Eliminate
Scenarios
Resources
Model

All Science Journal Classification (ASJC) codes

  • Theoretical Computer Science
  • Computer Science (all)

Cite this

Farhang, S., & Grossklags, J. (2016). FlipLeakage: A game-theoretic approach to protect against stealthy attackers in the presence of information leakage. In E. Panaousis, M. Tambe, T. Alpcan, W. Casey, & Q. Zhu (Eds.), Decision and Game Theory for Security - 7th International Conference, GameSec 2016, Proceedings (pp. 195-214). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 9996 LNCS). Springer Verlag. https://doi.org/10.1007/978-3-319-47413-7_12
Farhang, Sadegh ; Grossklags, Jens. / FlipLeakage : A game-theoretic approach to protect against stealthy attackers in the presence of information leakage. Decision and Game Theory for Security - 7th International Conference, GameSec 2016, Proceedings. editor / Emmanouil Panaousis ; Milind Tambe ; Tansu Alpcan ; William Casey ; Quanyan Zhu. Springer Verlag, 2016. pp. 195-214 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).
@inproceedings{4e409ae642214a0592a616b86d094efd,
title = "FlipLeakage: A game-theoretic approach to protect against stealthy attackers in the presence of information leakage",
abstract = "One of the particularly daunting issues in the cybersecurity domain is information leakage of business or consumer data, which is often triggered by multi-stage attacks and advanced persistent threats. While the technical community is working on improved system designs to prevent and mitigate such attacks, a significant residual risk remains that attacks succeed and may not even be detected, i.e., they are stealthy. Our objective is to inform security policy design for the mitigation of stealthy information leakage attacks. Such a policy mechanism advises system owners on the optimal timing to reset defense mechanisms, e.g., changing cryptographic keys or passwords, reinstalling systems, installing new patches, or reassigning security staff. We follow a game-theoretic approach and propose a model titled FlipLeakage. In our proposed model, an attacker will incrementally and stealthily take ownership of a resource (e.g., similar to advanced persistent threats). While her final objective is a complete compromise of the system, she may derive some utility during the preliminary phases of the attack. The defender can take a costly recovery move and has to decide on its optimal timing. Our focus is on the scenario when the defender can only partially eliminate the foothold of the attacker in the system. Further, the defender cannot undo any information leakage that has already taken place during an attack. We derive optimal strategies for the agents in FlipLeakage and present numerical analyses and graphical visualizations.",
author = "Sadegh Farhang and Jens Grossklags",
year = "2016",
month = "1",
day = "1",
doi = "10.1007/978-3-319-47413-7_12",
language = "English (US)",
isbn = "9783319474120",
series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",
publisher = "Springer Verlag",
pages = "195--214",
editor = "Emmanouil Panaousis and Milind Tambe and Tansu Alpcan and William Casey and Quanyan Zhu",
booktitle = "Decision and Game Theory for Security - 7th International Conference, GameSec 2016, Proceedings",
address = "Germany",

}

Farhang, S & Grossklags, J 2016, FlipLeakage: A game-theoretic approach to protect against stealthy attackers in the presence of information leakage. in E Panaousis, M Tambe, T Alpcan, W Casey & Q Zhu (eds), Decision and Game Theory for Security - 7th International Conference, GameSec 2016, Proceedings. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 9996 LNCS, Springer Verlag, pp. 195-214, 7th International Conference on Decision and Game Theory for Security, GameSec 2016, New York, United States, 11/2/16. https://doi.org/10.1007/978-3-319-47413-7_12

FlipLeakage : A game-theoretic approach to protect against stealthy attackers in the presence of information leakage. / Farhang, Sadegh; Grossklags, Jens.

Decision and Game Theory for Security - 7th International Conference, GameSec 2016, Proceedings. ed. / Emmanouil Panaousis; Milind Tambe; Tansu Alpcan; William Casey; Quanyan Zhu. Springer Verlag, 2016. p. 195-214 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 9996 LNCS).


TY - GEN

T1 - FlipLeakage

T2 - A game-theoretic approach to protect against stealthy attackers in the presence of information leakage

AU - Farhang, Sadegh

AU - Grossklags, Jens

PY - 2016/1/1

Y1 - 2016/1/1

N2 - One of the particularly daunting issues in the cybersecurity domain is information leakage of business or consumer data, which is often triggered by multi-stage attacks and advanced persistent threats. While the technical community is working on improved system designs to prevent and mitigate such attacks, a significant residual risk remains that attacks succeed and may not even be detected, i.e., they are stealthy. Our objective is to inform security policy design for the mitigation of stealthy information leakage attacks. Such a policy mechanism advises system owners on the optimal timing to reset defense mechanisms, e.g., changing cryptographic keys or passwords, reinstalling systems, installing new patches, or reassigning security staff. We follow a game-theoretic approach and propose a model titled FlipLeakage. In our proposed model, an attacker will incrementally and stealthily take ownership of a resource (e.g., similar to advanced persistent threats). While her final objective is a complete compromise of the system, she may derive some utility during the preliminary phases of the attack. The defender can take a costly recovery move and has to decide on its optimal timing. Our focus is on the scenario when the defender can only partially eliminate the foothold of the attacker in the system. Further, the defender cannot undo any information leakage that has already taken place during an attack. We derive optimal strategies for the agents in FlipLeakage and present numerical analyses and graphical visualizations.


UR - http://www.scopus.com/inward/record.url?scp=84994798358&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84994798358&partnerID=8YFLogxK

U2 - 10.1007/978-3-319-47413-7_12

DO - 10.1007/978-3-319-47413-7_12

M3 - Conference contribution

AN - SCOPUS:84994798358

SN - 9783319474120

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 195

EP - 214

BT - Decision and Game Theory for Security - 7th International Conference, GameSec 2016, Proceedings

A2 - Panaousis, Emmanouil

A2 - Tambe, Milind

A2 - Alpcan, Tansu

A2 - Casey, William

A2 - Zhu, Quanyan

PB - Springer Verlag

ER -

Farhang S, Grossklags J. FlipLeakage: A game-theoretic approach to protect against stealthy attackers in the presence of information leakage. In Panaousis E, Tambe M, Alpcan T, Casey W, Zhu Q, editors, Decision and Game Theory for Security - 7th International Conference, GameSec 2016, Proceedings. Springer Verlag. 2016. p. 195-214. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)). https://doi.org/10.1007/978-3-319-47413-7_12