Paper 2012/502

Are We Compromised? Modelling Security Assessment Games

Viet Pham and Carlos Cid

Abstract

Security assessments are an integral part of organisations' strategies for protecting their digital assets and critical IT infrastructure. In this paper we propose a game-theoretic modelling of a particular form of security assessment -- one which addresses the question "are we compromised?". We do so by extending the recently proposed game "FlipIt", which itself can be used to model the interaction between defenders and attackers under the Advanced Persistent Threat (APT) scenario. Our extension gives players the option to "test" the state of the game before making a move. This allows one to study the scenario in which organisations have the option to perform periodic security assessments of such nature, and the benefits they may bring.

Metadata
Available format(s)
PDF
Publication info
Published elsewhere. An extended abstract of this work will appear in the proceedings of GameSec 2012. This is the full version.
Keywords
advanced persistent threat, security assessment, game theory, FlipIt, strategic security plan, penetration testing
Contact author(s)
viet pham 2010 @ live rhul ac uk
History
2012-09-03: received
Short URL
https://ia.cr/2012/502
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2012/502,
      author = {Viet Pham and Carlos Cid},
      title = {Are We Compromised? Modelling Security Assessment Games},
      howpublished = {Cryptology {ePrint} Archive, Paper 2012/502},
      year = {2012},
      url = {https://eprint.iacr.org/2012/502}
}