Cryptology ePrint Archive: Report 2012/502

Are We Compromised? Modelling Security Assessment Games

Viet Pham and Carlos Cid

Abstract: Security assessments are an integral part of organisations' strategies for protecting their digital assets and critical IT infrastructure. In this paper we propose a game-theoretic modelling of a particular form of security assessment -- one which addresses the question ``are we compromised?''. We do so by extending the recently proposed game ``FlipIt'', which itself can be used to model the interaction between defenders and attackers under the Advanced Persistent Threat (APT) scenario. Our extension gives players the option to ``test'' the state of the game before making a move. This allows one to study the scenario in which organisations have the option to perform periodic security assessments of such nature, and the benefits they may bring.

Category / Keywords: advanced persistent threat, security assessment, game theory, FlipIt, strategic security plan, penetration testing

Publication Info: An extended abstract of this work will appear in the proceedings of GameSec 2012. This is the full version

Date: received 30 Aug 2012

Contact author: viet pham 2010 at live rhul ac uk

Available formats: PDF | BibTeX Citation

Version: 20120903:130306 (All versions of this report)

Discussion forum: Show discussion | Start new discussion