Game Theory Meets Network Security: A Tutorial at ACM CCS

The increasingly pervasive connectivity of today's information systems brings up new challenges to security. Traditional security has accomplished a long way toward protecting well-defined goals such as confidentiality, integrity, availability, and authenticity. However, with the growing sophistication of the attacks and the complexity of the system, the protection using traditional methods could be cost-prohibitive. A new perspective and a new theoretical foundation are needed to understand security from a strategic and decision-making perspective. Game theory provides a natural framework to capture the adversarial and defensive interactions between an attacker and a defender. It provides a quantitative assessment of security, prediction of security outcomes, and a mechanism design tool that can enable security-by-design and reverse the attacker's advantage. This tutorial provides an overview of diverse methodologies from game theory that includes games of incomplete information, dynamic games, mechanism design theory to offer a modern theoretic underpinning of a science of cybersecurity. The tutorial will also discuss open problems and research challenges that the CCS community can address and contribute with an objective to build a multidisciplinary bridge between cybersecurity, economics, game and decision theory

Open Data, Grey Data, and Stewardship: Universities at the Privacy Frontier

As universities recognize the inherent value in the data they collect and hold, they encounter unforeseen challenges in stewarding those data in ways that balance accountability, transparency, and protection of privacy, academic freedom, and intellectual property. Two parallel developments in academic data collection are converging: (1) open access requirements, whereby researchers must provide access to their data as a condition of obtaining grant funding or publishing results in journals; and (2) the vast accumulation of 'grey data' about individuals in their daily activities of research, teaching, learning, services, and administration. The boundaries between research and grey data are blurring, making it more difficult to assess the risks and responsibilities associated with any data collection. Many sets of data, both research and grey, fall outside privacy regulations such as HIPAA, FERPA, and PII. Universities are exploiting these data for research, learning analytics, faculty evaluation, strategic decisions, and other sensitive matters. Commercial entities are besieging universities with requests for access to data or for partnerships to mine them. The privacy frontier facing research universities spans open access practices, uses and misuses of data, public records requests, cyber risk, and curating data for privacy protection. This paper explores the competing values inherent in data stewardship and makes recommendations for practice, drawing on the pioneering work of the University of California in privacy and information security, data governance, and cyber risk.Comment: Final published version, Sept 30, 201

SARGOS: Securing Offshore Infrastructures Through a Global Alert and Graded Response System

International audienceThe purpose of the project SARGOS is to develop a global alert and graded response system to answer the recent but strong need for securing critical civilian offshore infrastructures, vulnerable to piracy or terrorist actions from the sea. The challenge of protecting these infrastructures against malevolent intrusions requires to develop innovative strategies so as to ensure in a coordinate way the whole processing line: automatic surveillance, robust detection, continuous adjustment of the reaction plan and graded implementation of the relevant set of reactions. The system handles : Automatic and robust detection and classification of small size maritime targets in rough sea; Detection of suspicious behaviors in a security zone around the platform; Formalization and modeling of graded internal and external reactions, adapted to the dangerousness of the detected intrusion and taking into account security rules in force on the platform, geopolitical environment and legal aspects; Activation of progressive and reversible reactions, according to an intelligent situation analysis process. Reactions can go from a simple alert up to bringing non lethal reaction means into play. The project will materialize with the implementation of all the processing line in a single platform that will be used to carry out experimentations and to validate the overcoming of critical issues and the appropriateness of the proposed concept with regards to users' needs. SARGOS has been selected by the French Nationa

Multi-Layer Cyber-Physical Security and Resilience for Smart Grid

The smart grid is a large-scale complex system that integrates communication technologies with the physical layer operation of the energy systems. Security and resilience mechanisms by design are important to provide guarantee operations for the system. This chapter provides a layered perspective of the smart grid security and discusses game and decision theory as a tool to model the interactions among system components and the interaction between attackers and the system. We discuss game-theoretic applications and challenges in the design of cross-layer robust and resilient controller, secure network routing protocol at the data communication and networking layers, and the challenges of the information security at the management layer of the grid. The chapter will discuss the future directions of using game-theoretic tools in addressing multi-layer security issues in the smart grid.Comment: 16 page

The changing nature of risk and risk management: the challenge of borders, uncertainty and resilience

No abstract available

The future of Cybersecurity in Italy: Strategic focus area

This volume has been created as a continuation of the previous one, with the aim of outlining a set of focus areas and actions that the Italian Nation research community considers essential. The book touches many aspects of cyber security, ranging from the definition of the infrastructure and controls needed to organize cyberdefence to the actions and technologies to be developed to be better protected, from the identification of the main technologies to be defended to the proposal of a set of horizontal actions for training, awareness raising, and risk management

A Quantitative Research Study on Probability Risk Assessments in Critical Infrastructure and Homeland Security

This dissertation encompassed quantitative research on probabilistic risk assessment (PRA) elements in homeland security and the impact on critical infrastructure and key resources. There are 16 crucial infrastructure sectors in homeland security that represent assets, system networks, virtual and physical environments, roads and bridges, transportation, and air travel. The design included the Bayes theorem, a process used in PRAs when determining potential or probable events, causes, outcomes, and risks. The goal is to mitigate the effects of domestic terrorism and natural and man-made disasters, respond to events related to critical infrastructure that can impact the United States, and help protect and secure natural gas pipelines and electrical grid systems. This study provides data from current risk assessment trends in PRAs that can be applied and designed in elements of homeland security and the criminal justice system to help protect critical infrastructures. The dissertation will highlight the aspects of the U.S. Department of Homeland Security National Infrastructure Protection Plan (NIPP). In addition, this framework was employed to examine the criminal justice triangle, explore crime problems and emergency preparedness solutions to protect critical infrastructures, and analyze data relevant to risk assessment procedures for each critical infrastructure identified. Finally, the study addressed the drivers and gaps in research related to protecting and securing natural gas pipelines and electrical grid systems

Framing the UK’s counter-terrorism policy within the context of a wicked problem

Terrorist attacks can be seen as the ultimate wicked problem. After 9/11, terrorists moved from so-called ‘spectacular’ events to relatively low-intensity attacks against individuals and groups. The emergence of what has become known as the ‘home-grown’ terrorist has added a further dimension to the ‘wicked’ nature of the problem. This paper considers the UK’s CONTEST and PREVENT strategies as a policy response to the threats from terrorism and the impact that the policies themselves can have on the radicalization of individuals. The author highlights some of the limitations of the PREVENT strand of the overall strategy and the constraints that are imposed on government policies by failing to take a holistic perspective on the nature of the problem

Online privacy: towards informational self-determination on the internet : report from Dagstuhl Perspectives Workshop 11061

The Dagstuhl Perspectives Workshop "Online Privacy: Towards Informational Self-Determination on the Internet" (11061) has been held in February 6-11, 2011 at Schloss Dagstuhl. 30 participants from academia, public sector, and industry have identified the current status-of-the-art of and challenges for online privacy as well as derived recommendations for improving online privacy. Whereas the Dagstuhl Manifesto of this workshop concludes the results of the working groups and panel discussions, this article presents the talks of this workshop by their abstracts

European Reference Network for Critical Infrastructure Protection: ERNCIP Handbook 2017 edition Version 1.0

The ERNCIP network has been established to improve the protection of critical infrastructures in the EU. The European Reference Network for Critical Infrastructure Protection (ERNCIP) therefore works in close cooperation with all types of CIP stakeholders, focusing particularly on the technical protective security solutions. This handbook aims to assist the dissemination of the activities and results of ERNCIP. It is intended that the document will be updated and issued by the ERNCIP Office in spring each year. The information provided will be up to date as of the end of the previous calendar year, i.e. in this case as at 31 December 2016. The report summarises the achievements of all the ERNCIP Thematic Groups, providing a convenient way to access information on any specific theme of interest covered by ERNCIP. The report also describes current thematic group activities, to allow subject-matter experts and critical infrastructure operators to identify ongoing areas of research they might be interested in assisting. This report is publicly available via the ERNCIP web site, and is distributed to all ERNCIP Group of EU CIP Experts for onward dissemination within their Member State.JRC.E.2-Technology Innovation in Securit