Paper 2012/579

Defending Against the Unknown Enemy: Applying FlipIt to System Security

Kevin D. Bowers, Marten van Dijk, Robert Griffin, Ari Juels, Alina Oprea, Ronald L. Rivest, and Nikos Triandopoulos

Abstract

Most cryptographic systems carry the basic assumption that entities are able to preserve the secrecy of their keys. With attacks today showing ever increasing sophistication, however, this tenet is eroding. “Advanced Persistent Threats” (APTs), for instance, leverage zero-day exploits and extensive system knowledge to achieve full compromise of cryptographic keys and other secrets. Such compromise is often silent, with defenders failing to detect the loss of private keys critical to protection of their systems. The growing virulence of today’s threats clearly calls for new models of defenders’ goals and abilities. In this paper, we explore applications of FlipIt, a novel game-theoretic model of system defense introduced recently. In FlipIt, an attacker periodically gains complete control of a system, with the unique feature that system compromises are stealthy, i.e., not immediately detected by the system owner, called the defender. We distill out several lessons from our study of FlipIt and demonstrate their application to several real-world problems, including password reset policies, key rotation, VM refresh and cloud auditing.

Metadata
Available format(s)
PDF
Category
Applications
Publication info
Published elsewhere. GameSec 2012, the third Conference on Decision and Game Theory for Security
Keywords
cyber security foundations, game theory
Contact author(s)
aoprea @ rsa com
History
2012-10-16: received
Short URL
https://ia.cr/2012/579
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2012/579,
      author = {Kevin D.  Bowers and Marten van Dijk and Robert Griffin and Ari Juels and Alina Oprea and Ronald L.  Rivest and Nikos Triandopoulos},
      title = {Defending Against the Unknown Enemy: Applying FlipIt to System Security},
      howpublished = {Cryptology ePrint Archive, Paper 2012/579},
      year = {2012},
      note = {\url{https://eprint.iacr.org/2012/579}},
      url = {https://eprint.iacr.org/2012/579}
}