Abstract
We consider a strategic game in which a defender wants to maintain control over a resource that is subject to both targeted and non-targeted covert attacks. Because the attacks are covert, the defender must choose to secure the resource in real time without knowing who controls it. Each move by the defender to secure the resource has a one-time cost and these defending moves are not covert, so that a targeted attacker may time her attacks based on the defender’s moves. The time between when a targeted attack starts and when it succeeds is given by an exponentially distributed random variable with a known rate. Non-targeted attackers are modeled together as a single attacker whose attacks arrive following a Poisson process. We find that in this regime, the optimal moving strategy for the defender is a periodic strategy, so that the time intervals between consecutive moves are constant.
Access provided by Autonomous University of Puebla. Download to read the full chapter text
Chapter PDF
Similar content being viewed by others
Keywords
References
Bowers, K.D., van Dijk, M., Griffin, R., Juels, A., Oprea, A., Rivest, R.L., Triandopoulos, N.: Defending against the unknown enemy: Applying FlipIt to system security. In: Grossklags, J., Walrand, J. (eds.) GameSec 2012. LNCS, vol. 7638, pp. 248–263. Springer, Heidelberg (2012)
Casey, E.: Determining intent - opportunistic vs targeted attacks. Computer Fraud & Security 2003(4), 8–11 (2003)
Grossklags, J., Christin, N., Chuang, J.: Secure or insure? A game-theoretic analysis of information security games. In: Proceedings of the 17th International World Wide Web Conference (WWW), pp. 209–218 (2008)
Herley, C.: The plight of the targeted attacker in a world of scale. In: Proceedings of the 9th Workshop on the Economics of Information Security (WEIS) (2010)
Johnson, B., Böhme, R., Grossklags, J.: Security games with market insurance. In: Baras, J.S., Katz, J., Altman, E. (eds.) GameSec 2011. LNCS, vol. 7037, pp. 117–130. Springer, Heidelberg (2011)
Laszka, A., Felegyhazi, M., Buttyán, L.: A survey of interdependent security games. Technical Report CRYSYS-TR-2012-11-15, CrySyS Lab, Budapest University of Technology and Economics (November 2012)
Laszka, A., Horvath, G., Felegyhazi, M., Buttyan, L.: FlipThem: Modeling targeted attacks with FlipIt for multiple resources. Technical report, Budapest University of Technology and Economics (2013)
Nochenson, A., Grossklags, J.: A behavioral investigation of the FlipIt game. In: Proceedings of the 12th Workshop on the Economics of Information Security (WEIS) (2013)
Pham, V., Cid, C.: Are we compromised? Modelling security assessment games. In: Grossklags, J., Walrand, J. (eds.) GameSec 2012. LNCS, vol. 7638, pp. 234–247. Springer, Heidelberg (2012)
Radzik, T.: Results and problems in games of timing. Lecture Notes-Monograph Series, Statistics, Probability and Game Theory: Papers in Honor of David Blackwell 30, 269–292 (1996)
Radzik, T., Orlowski, K.: A mixed game of timing: Investigation of strategies. Zastosowania Matematyki 17(3), 409–430 (1982)
Reitter, D., Grossklags, J., Nochenson, A.: Risk-seeking in a continuous game of timing. In: Proceedings of the 13th International Conference on Cognitive Modeling (ICCM), pp. 397–403 (2013)
van Dijk, M., Juels, A., Oprea, A., Rivest, R.: FlipIt: The game of “stealthy takeover”. Journal of Cryptology 26, 655–713 (2013)
Zhadan, V.: Noisy duels with arbitrary accuracy functions. Issledovanye Operacity 5, 156–177 (1976)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2013 Springer International Publishing Switzerland
About this paper
Cite this paper
Laszka, A., Johnson, B., Grossklags, J. (2013). Mitigation of Targeted and Non-targeted Covert Attacks as a Timing Game. In: Das, S.K., Nita-Rotaru, C., Kantarcioglu, M. (eds) Decision and Game Theory for Security. GameSec 2013. Lecture Notes in Computer Science, vol 8252. Springer, Cham. https://doi.org/10.1007/978-3-319-02786-9_11
Download citation
DOI: https://doi.org/10.1007/978-3-319-02786-9_11
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-02785-2
Online ISBN: 978-3-319-02786-9
eBook Packages: Computer ScienceComputer Science (R0)