Abstract
Recent high-profile targeted attacks showed that even the most secure and secluded networks can be compromised by motivated and resourceful attackers, and that such a system compromise may not be immediately detected by the system owner. Researchers at RSA proposed the FlipIt game to study the impact of such stealthy takeovers. In the basic FlipIt game, an attacker and a defender fight over a single resource; in practice, however, systems typically consist of multiple resources that can be targeted. In this paper, we present FlipThem, a generalization of FlipIt to multiple resources. To formulate the players’ goals and study their best strategies, we introduce two control models: in the AND model, the attacker has to compromise all resources in order to take over the entire system, while in the OR model, she has to compromise only one. Our analytical and numerical results provide practical recommendations for defenders.
Access provided by Autonomous University of Puebla. Download to read the full chapter text
Chapter PDF
Similar content being viewed by others
References
Bowers, K.D., van Dijk, M., Griffin, R., Juels, A., Oprea, A., Rivest, R.L., Triandopoulos, N.: Defending against the unknown enemy: Applying flipIt to system security. In: Grossklags, J., Walrand, J. (eds.) GameSec 2012. LNCS, vol. 7638, pp. 248–263. Springer, Heidelberg (2012)
cnet.com: Comodo hack may reshape browser security (April 4, (2011), http://news.cnet.com/8301-31921_3-20050255-281.html
van Dijk, M., Juels, A., Oprea, A., Rivest, R.L.: FlipIt: The game of “stealthy takeover”. Cryptology ePrint Archive, Report 2012/103 (2012)
Falliere, N., Murchu, L.O., Chien, E.: W32.Stuxnet Dossier (February 2011), http://www.symantec.com/connect/blogs/w32stuxnet-dossier
Finkle, J., Shalal-Esa, A.: Hackers breached U.S. defense contractors (May 27, 2011), http://www.reuters.com/article/2011/05/27/us-usa-defense-hackers-idUSTRE74Q6VY20110527
Grossklags, J., Reitter, D.: How task familiarity and cognitive predispositions impact behavior in a security game of timing. In: Proceedings of the 27th IEEE Computer Security Foundations Symposium, CSF (2014)
Kaspersky Lab: Flame…the latest cyber-attack (May 2012), http://www.kaspersky.com/flame
Kaspersky Lab: The MiniDuke Mystery: PDF 0-day Government Spy Assembler 0x29A Micro Backdoor (February 2013), http://www.securelist.com/en/blog/208194129/The_MiniDuke_Mystery_PDF_0_day_Government_Spy_Assembler_0x29A_Micro_Backdoor
Laszka, A., Felegyhazi, M., Buttyán, L.: A survey of interdependent security games. Tech. Rep. CRYSYS-TR-2012-11-15, CrySyS Lab, Budapest University of Technology and Economics (November 2012)
Laszka, A., Horvath, G., Felegyhazi, M., Buttyán, L.: FlipThem: Modeling targeted attacks with FlipIt for multiple resources (extended version), http://www.crysys.hu/%7Elaszka/papers/laszka2014flipthem.pdf
Laszka, A., Johnson, B., Grossklags, J.: Mitigating covert compromises: A game-theoretic model of targeted and non-targeted covert attacks. In: Proceedings of the 9th Conference on Web and Internet Economics (WINE), pp. 319–332 (2013)
Laszka, A., Johnson, B., Grossklags, J.: Mitigation of targeted and non-targeted covert attacks as a timing game. In: Das, S.K., Nita-Rotaru, C., Kantarcioglu, M. (eds.) GameSec 2013. LNCS, vol. 8252, pp. 175–191. Springer, Heidelberg (2013)
Mandiant: APT1: Exposing one of China’s cyber espionage units (February 18, 2013), http://www.mandiant.com/apt1
Menn, J.: Key Internet operator VeriSign hit by hackers (February 2, 2012), http://www.reuters.com/article/2012/02/02/us-hacking-verisign-idUSTRE8110Z820120202
Nochenson, A., Grossklags, J.: A behavioral investigation of the FlipIt game. In: Proceedings of the 12th Workshop on the Economics of Information Security, WEIS (2013)
Pham, V., Cid, C.: Are we compromised? Modelling security assessment games. In: Grossklags, J., Walrand, J. (eds.) GameSec 2012. LNCS, vol. 7638, pp. 234–247. Springer, Heidelberg (2012)
Reitter, D., Grossklags, J., Nochenson, A.: Risk-seeking in a continuous game of timing. In: Proceedings of the 13th International Conference on Cognitive Modeling (ICCM), pp. 397–403 (2013)
Rivner, U.: Anatomy of an attack (April 2011), http://blogs.rsa.com/anatomy-of-an-attack/
Symantec Security Response: W32.Duqu: The Precursor to the Next Stuxnet (October 18, 2011), http://www.symantec.com/connect/w32_duqu_precursor_next_stuxnet
Varian, H.: System reliability and free riding. In: Economics of Information Security, pp. 1–15. Springer (2004)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2014 Springer International Publishing Switzerland
About this paper
Cite this paper
Laszka, A., Horvath, G., Felegyhazi, M., Buttyán, L. (2014). FlipThem: Modeling Targeted Attacks with FlipIt for Multiple Resources. In: Poovendran, R., Saad, W. (eds) Decision and Game Theory for Security. GameSec 2014. Lecture Notes in Computer Science, vol 8840. Springer, Cham. https://doi.org/10.1007/978-3-319-12601-2_10
Download citation
DOI: https://doi.org/10.1007/978-3-319-12601-2_10
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-12600-5
Online ISBN: 978-3-319-12601-2
eBook Packages: Computer ScienceComputer Science (R0)