8,017 research outputs found
Game Theory Meets Network Security: A Tutorial at ACM CCS
The increasingly pervasive connectivity of today's information systems brings
up new challenges to security. Traditional security has accomplished a long way
toward protecting well-defined goals such as confidentiality, integrity,
availability, and authenticity. However, with the growing sophistication of the
attacks and the complexity of the system, the protection using traditional
methods could be cost-prohibitive. A new perspective and a new theoretical
foundation are needed to understand security from a strategic and
decision-making perspective. Game theory provides a natural framework to
capture the adversarial and defensive interactions between an attacker and a
defender. It provides a quantitative assessment of security, prediction of
security outcomes, and a mechanism design tool that can enable
security-by-design and reverse the attacker's advantage. This tutorial provides
an overview of diverse methodologies from game theory that includes games of
incomplete information, dynamic games, mechanism design theory to offer a
modern theoretic underpinning of a science of cybersecurity. The tutorial will
also discuss open problems and research challenges that the CCS community can
address and contribute with an objective to build a multidisciplinary bridge
between cybersecurity, economics, game and decision theory
Allocating Limited Resources to Protect a Massive Number of Targets using a Game Theoretic Model
Resource allocation is the process of optimizing the rare resources. In the
area of security, how to allocate limited resources to protect a massive number
of targets is especially challenging. This paper addresses this resource
allocation issue by constructing a game theoretic model. A defender and an
attacker are players and the interaction is formulated as a trade-off between
protecting targets and consuming resources. The action cost which is a
necessary role of consuming resource, is considered in the proposed model.
Additionally, a bounded rational behavior model (Quantal Response, QR), which
simulates a human attacker of the adversarial nature, is introduced to improve
the proposed model. To validate the proposed model, we compare the different
utility functions and resource allocation strategies. The comparison results
suggest that the proposed resource allocation strategy performs better than
others in the perspective of utility and resource effectiveness.Comment: 14 pages, 12 figures, 41 reference
TRIDEnT: Building Decentralized Incentives for Collaborative Security
Sophisticated mass attacks, especially when exploiting zero-day
vulnerabilities, have the potential to cause destructive damage to
organizations and critical infrastructure. To timely detect and contain such
attacks, collaboration among the defenders is critical. By correlating
real-time detection information (alerts) from multiple sources (collaborative
intrusion detection), defenders can detect attacks and take the appropriate
defensive measures in time. However, although the technical tools to facilitate
collaboration exist, real-world adoption of such collaborative security
mechanisms is still underwhelming. This is largely due to a lack of trust and
participation incentives for companies and organizations. This paper proposes
TRIDEnT, a novel collaborative platform that aims to enable and incentivize
parties to exchange network alert data, thus increasing their overall detection
capabilities. TRIDEnT allows parties that may be in a competitive relationship,
to selectively advertise, sell and acquire security alerts in the form of
(near) real-time peer-to-peer streams. To validate the basic principles behind
TRIDEnT, we present an intuitive game-theoretic model of alert sharing, that is
of independent interest, and show that collaboration is bound to take place
infinitely often. Furthermore, to demonstrate the feasibility of our approach,
we instantiate our design in a decentralized manner using Ethereum smart
contracts and provide a fully functional prototype.Comment: 28 page
ARPA Whitepaper
We propose a secure computation solution for blockchain networks. The
correctness of computation is verifiable even under malicious majority
condition using information-theoretic Message Authentication Code (MAC), and
the privacy is preserved using Secret-Sharing. With state-of-the-art multiparty
computation protocol and a layer2 solution, our privacy-preserving computation
guarantees data security on blockchain, cryptographically, while reducing the
heavy-lifting computation job to a few nodes. This breakthrough has several
implications on the future of decentralized networks. First, secure computation
can be used to support Private Smart Contracts, where consensus is reached
without exposing the information in the public contract. Second, it enables
data to be shared and used in trustless network, without disclosing the raw
data during data-at-use, where data ownership and data usage is safely
separated. Last but not least, computation and verification processes are
separated, which can be perceived as computational sharding, this effectively
makes the transaction processing speed linear to the number of participating
nodes. Our objective is to deploy our secure computation network as an layer2
solution to any blockchain system. Smart Contracts\cite{smartcontract} will be
used as bridge to link the blockchain and computation networks. Additionally,
they will be used as verifier to ensure that outsourced computation is
completed correctly. In order to achieve this, we first develop a general MPC
network with advanced features, such as: 1) Secure Computation, 2) Off-chain
Computation, 3) Verifiable Computation, and 4)Support dApps' needs like
privacy-preserving data exchange
On Cyber Risk Management of Blockchain Networks: A Game Theoretic Approach
Open-access blockchains based on proof-of-work protocols have gained
tremendous popularity for their capabilities of providing decentralized
tamper-proof ledgers and platforms for data-driven autonomous organization.
Nevertheless, the proof-of-work based consensus protocols are vulnerable to
cyber-attacks such as double-spending. In this paper, we propose a novel
approach of cyber risk management for blockchain-based service. In particular,
we adopt the cyber-insurance as an economic tool for neutralizing cyber risks
due to attacks in blockchain networks. We consider a blockchain service market,
which is composed of the infrastructure provider, the blockchain provider, the
cyber-insurer, and the users. The blockchain provider purchases from the
infrastructure provider, e.g., a cloud, the computing resources to maintain the
blockchain consensus, and then offers blockchain services to the users. The
blockchain provider strategizes its investment in the infrastructure and the
service price charged to the users, in order to improve the security of the
blockchain and thus optimize its profit. Meanwhile, the blockchain provider
also purchases a cyber-insurance from the cyber-insurer to protect itself from
the potential damage due to the attacks. In return, the cyber-insurer adjusts
the insurance premium according to the perceived risk level of the blockchain
service. Based on the assumption of rationality for the market entities, we
model the interaction among the blockchain provider, the users, and the
cyber-insurer as a two-level Stackelberg game. Namely, the blockchain provider
and the cyber-insurer lead to set their pricing/investment strategies, and then
the users follow to determine their demand of the blockchain service.
Specifically, we consider the scenario of double-spending attacks and provide a
series of analytical results about the Stackelberg equilibrium in the market
game
A Comprehensive Insight into Game Theory in relevance to Cyber Security
The progressively ubiquitous connectivity in the present information systems pose newer challenges tosecurity. The conventional security mechanisms have come a long way in securing the well-definedobjectives of confidentiality, integrity, authenticity and availability. Nevertheless, with the growth in thesystem complexities and attack sophistication, providing security via traditional means can beunaffordable. A novel theoretical perspective and an innovative approach are thus required forunderstanding security from decision-making and strategic viewpoint. One of the analytical tools whichmay assist the researchers in designing security protocols for computer networks is game theory. Thegame-theoretic concept finds extensive applications in security at different levels, including thecyberspace and is generally categorized under security games. It can be utilized as a robust mathematicaltool for modelling and analyzing contemporary security issues. Game theory offers a natural frameworkfor capturing the defensive as well as adversarial interactions between the defenders and the attackers.Furthermore, defenders can attain a deep understanding of the potential attack threats and the strategiesof attackers by equilibrium evaluation of the security games. In this paper, the concept of game theoryhas been presented, followed by game-theoretic applications in cybersecurity including cryptography.Different types of games, particularly those focused on securing the cyberspace, have been analysed andvaried game-theoretic methodologies including mechanism design theories have been outlined foroffering a modern foundation of the science of cybersecurity
- …