Mitigating covert compromises: A game-theoretic model of targeted and non-targeted covert attacks

Aron Laszka, Benjamin Johnson, Jens Grossklags

Research output: Chapter in Book/Report/Conference proceedingConference contribution

17 Scopus citations

Abstract

Attackers of computing resources increasingly aim to keep security compromises hidden from defenders in order to extract more value over a longer period of time. These covert attacks come in multiple varieties, which can be categorized into two main types: targeted and non-targeted attacks. Targeted attacks include, for example, cyberespionage, while non-targeted attacks include botnet recruitment. We are concerned with the subclass of these attacks for which detection is too costly or technically infeasible given the capabilities of a typical organization. As a result, defenders have to mitigate potential damages under a regime of incomplete information. A primary mitigation strategy is to reset potentially compromised resources to a known safe state, for example, by reinstalling computer systems, and changing passwords or cryptographic private keys. In a game-theoretic framework, we study the economically optimal mitigation strategies in the presence of targeted and non-targeted covert attacks. Our work has practical implications for the definition of security policies, in particular, for password and key renewal schedules.

Original languageEnglish (US)
Title of host publicationWeb and Internet Economics - 9th International Conference, WINE 2013, Proceedings
Pages319-332
Number of pages14
DOIs
StatePublished - Dec 1 2013
Event9th International Conference on Web and Internet Economics, WINE 2013 - Cambridge, MA, United States
Duration: Dec 11 2013Dec 14 2013

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume8289 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Other

Other9th International Conference on Web and Internet Economics, WINE 2013
CountryUnited States
CityCambridge, MA
Period12/11/1312/14/13

All Science Journal Classification (ASJC) codes

  • Theoretical Computer Science
  • Computer Science(all)

Fingerprint Dive into the research topics of 'Mitigating covert compromises: A game-theoretic model of targeted and non-targeted covert attacks'. Together they form a unique fingerprint.

  • Cite this

    Laszka, A., Johnson, B., & Grossklags, J. (2013). Mitigating covert compromises: A game-theoretic model of targeted and non-targeted covert attacks. In Web and Internet Economics - 9th International Conference, WINE 2013, Proceedings (pp. 319-332). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 8289 LNCS). https://doi.org/10.1007/978-3-642-45046-4_26