Managing the weakest link: A game-theoretic approach for the mitigation of insider threats

Aron Laszka, Benjamin Johnson, Pascal Schöttle, Jens Grossklags, Rainer Böhme

Research output: Chapter in Book/Report/Conference proceedingConference contribution

5 Scopus citations

Abstract

We introduce a two-player stochastic game for modeling secure team selection to add resilience against insider threats. A project manager, Alice, has a secret she wants to protect but must share with a team of individuals selected from within her organization; while an adversary, Eve, wants to learn this secret by bribing one potential team member. Eve does not know which individuals will be chosen by Alice, but both players have information about the bribeability of each potential team member. Specifically, the amount required to successfully bribe each such individual is given by a random variable with a known distribution but an unknown realization. We characterize best-response strategies for both players, and give necessary conditions for determining the game's equilibria. We find that Alice's best strategy involves minimizing the information available to Eve about the team composition. In particular, she should select each potential team member with a non-zero probability, unless she has a perfectly secure strategy. In the special case where the bribeability of each employee is given by a uniformly-distributed random variable, the equilibria can be divided into two outcomes - either Alice is perfectly secure, or her protection is based only on the randomness of her selection.

Original languageEnglish (US)
Title of host publicationComputer Security, ESORICS 2013 - 18th European Symposium on Research in Computer Security, Proceedings
Pages273-290
Number of pages18
DOIs
StatePublished - Oct 4 2013
Event18th European Symposium on Research in Computer Security, ESORICS 2013 - Egham, United Kingdom
Duration: Sep 9 2013Sep 13 2013

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume8134 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Other

Other18th European Symposium on Research in Computer Security, ESORICS 2013
Country/TerritoryUnited Kingdom
CityEgham
Period9/9/139/13/13

All Science Journal Classification (ASJC) codes

  • Theoretical Computer Science
  • Computer Science(all)

Fingerprint

Dive into the research topics of 'Managing the weakest link: A game-theoretic approach for the mitigation of insider threats'. Together they form a unique fingerprint.

Cite this