Mitigating covert compromises: A game-theoretic model of targeted and non-targeted covert attacks

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

Volumn 8289 LNCS, Issue , 2013, Pages 319-332

  Laszka, Aron ^a,b   Johnson, Benjamin ^c   Grossklags, Jens ^a  

^a PENNSYLVANIA STATE UNIVERSITY   (United States)

^b BUDAPEST UNIVERSITY OF TECHNOLOGY AND ECONOMICS   (Hungary)

^c UNIVERSITY OF CALIFORNIA   (United States)

Author keywords

Computer Security; Covert Compromise; Game Theory; Non Targeted Attacks; Targeted Attacks

Indexed keywords

COMPUTING RESOURCE; COVERT COMPROMISE; GAME-THEORETIC MODEL; INCOMPLETE INFORMATION; MITIGATION STRATEGY; NON-TARGETED; OPTIMAL MITIGATION; TARGETED ATTACKS;

AUTHENTICATION; INTERNET; NETWORK SECURITY; SECURITY OF DATA; SECURITY SYSTEMS;

GAME THEORY;

EID: 84893093420     PISSN: 03029743     EISSN: 16113349     Source Type: Book Series    
DOI: 10.1007/978-3-642-45046-4_26     Document Type: Conference Paper

References (19)

1. Bencsath, B., Pek, G., Buttyán, L., Felegyhazi, M.: The cousins of Stuxnet: Duqu, Flame, and Gauss. Future Internet 4(4), 971-1003 (2012)
2. Blackwell, D.: The noisy duel, one bullet each, arbitrary accuracy. Technical report, The RAND Corporation, D-442 (1949)
3. Bowers, K., van Dijk, M., Griffin, R., Juels, A., Oprea, A., Rivest, R., Triandopoulos, N.: Defending against the unknown enemy: Applying FLIPIT to system security. In: Grossklags, J., Walrand, J. (eds.) GameSec 2012. LNCS, vol. 7638, pp. 248-263. Springer, Heidelberg (2012)
4. Casey, E.: Determining intent - Opportunistic vs. targeted attacks. Computer Fraud & Security 2003(4), 8-11 (2003)
5. ESET Press Center. ESET and Sucuri uncover Linux/Cdorked.A: The most sophisticated Apache backdoor (2013), http://www.eset.com/int/about/press/ articles/article/eset-and-sucuri-uncover-linuxcdorkeda-apache-webserver- backdoor-the-most-sophisticated-ever-affecting-thousands-of-web-sites/
6. Grossklags, J., Christin, N., Chuang, J.: Secure or insure? A game-theoretic analysis of information security games. In: Proc. of the 17th International World Wide Web Conference (WWW), pp. 209-218 (2008)
7. Herley, C.: The plight of the targeted attacker in a world of scale. In: 9th Workshop on the Economics of Information Security, WEIS (2010)
8. Johnson, B., Böhme, R., Grossklags, J.: Security games with market insurance. In: Baras, J.S., Katz, J., Altman, E. (eds.) GameSec 2011. LNCS, vol. 7037, pp. 117-130. Springer, Heidelberg (2011)
9. Johnson, B., Grossklags, J., Christin, N., Chuang, J.: Are security experts useful? Bayesian nash equilibria for network security games with limited information. In: Gritzalis, D., Preneel, B., Theoharidou, M. (eds.) ESORICS 2010. LNCS, vol. 6345, pp. 588-606. Springer, Heidelberg (2010)
10. Kaspersky Lab. Gauss (2012), http://www.kaspersky.com/gauss
11. Laszka, A., Felegyhazi, M., Buttyán, L.: A survey of interdependent security games. Technical Report CRYSYS-TR-2012-11-15, CrySyS Lab, Budapest University of Technology and Economics (November 2012)
12. Laszka, A., Horvath, G., Felegyhazi, M., Buttyan, L.: FlipThem: Modeling targeted attacks with FlipIt for multiple resources. Technical report, Budapest University of Technology and Economics (2013)
13. Laszka, A., Johnson, B., Grossklags, J.: Mitigation of targeted and non-targeted covert attacks as a timing game. In: Proc. of GameSec 2013 (2013)
14. Laszka, A., Johnson, B., Schöttle, P., Grossklags, J., Böhme, R.: Managing the weakest link: A game-theoretic approach for the mitigation of insider threats. In: Crampton, J., Jajodia, S., Mayes, K. (eds.) ESORICS 2013. LNCS, vol. 8134, pp. 273-290. Springer, Heidelberg (2013)
15. Nochenson, A., Grossklags, J.: A behavioral investigation of the FlipIt game. In: 12th Workshop on the Economics of Information Security, WEIS (2013)
16. Pham, V., Cid, C.: Are we compromised? Modelling security assessment games. In: Grossklags, J., Walrand, J. (eds.) GameSec 2012. LNCS, vol. 7638, pp. 234-247. Springer, Heidelberg (2012)
17. Radzik, T.: Results and problems in games of timing. In: Statistics, Probability and Game Theory: Papers in Honor of David Blackwell. Lecture Notes-Monograph Series, Statistics, vol. 30, pp. 269-292 (1996)
18. Reitter, D., Grossklags, J., Nochenson, A.: Risk-seeking in a continuous game of timing. In: Proc. of the 13th International Conference on Cognitive Modeling (ICCM), pp. 397-403 (2013)
19. van Dijk, M., Juels, A., Oprea, A., Rivest, R.: FlipIt: The game of "stealthy takeover". Journal of Cryptology 26, 655-713 (2013)