FlipThem: Modeling Targeted Attacks with FlipIt for Multiple Resources

Abstract: The attack on RSA [12] in early 2011 represented a big surprise for the IT security industry. It showed that major security companies are attractive targets for stealthy attacks because of the important information they possess. The RSA attack induced an interesting discussion in the security industry and the research community alike. In particular, researchers at RSA modeled stealthy takeovers of a resource in their FlipIt game [13]. FlipIt is an attacker-defender game in which the players compete for the con… Show more

“…So far we have extended the full threshold FlipThem game [17] by obtaining the equilibria of the benefit functions constructed from the proportion of time the attacker is in control of the whole system. In order to generalise this further, we return to our partial threshold case in which the attacker gains benefit from controlling only t < n resources.…”

“…A multi-resource example in which we retain one rate per player (as opposed to one rate per resource for each player) is given by the situation in [17] and [19]; each player chooses a rate at which to play all resources. Whilst this allows us to retain a twodimensional system when considering the multiple resource case, unfortunately obtaining explicit best response functions is extremely difficult.…”

“…Such techniques can either be used directly as in [4,30], or using secret sharing to actually compute some data as in Multi-Party Computation [2,8]. To capture this and other such situations, Laszka et al [17] introduce a FlipThem game in which there are multiple resources, each equipped with a button as in FlipIt, and the attacker obtains benefit only by gaining control of every resource in the game. This models the full threshold situation in distributed cryptographic solutions.…”

Multi-rate Threshold FlipThem

“…So far we have extended the full threshold FlipThem game [17] by obtaining the equilibria of the benefit functions constructed from the proportion of time the attacker is in control of the whole system. In order to generalise this further, we return to our partial threshold case in which the attacker gains benefit from controlling only t < n resources.…”

“…A multi-resource example in which we retain one rate per player (as opposed to one rate per resource for each player) is given by the situation in [17] and [19]; each player chooses a rate at which to play all resources. Whilst this allows us to retain a twodimensional system when considering the multiple resource case, unfortunately obtaining explicit best response functions is extremely difficult.…”

“…Such techniques can either be used directly as in [4,30], or using secret sharing to actually compute some data as in Multi-Party Computation [2,8]. To capture this and other such situations, Laszka et al [17] introduce a FlipThem game in which there are multiple resources, each equipped with a button as in FlipIt, and the attacker obtains benefit only by gaining control of every resource in the game. This models the full threshold situation in distributed cryptographic solutions.…”

Multi-rate Threshold FlipThem

“…This was partially considered before in the paper [7], who introduced a variant of FlipIt called FlipThem in which the defender has control of multiple resources. Instead of flipping the state of a single resource from good to bad, the attacker is trying to flip the states of multiple resources.…”

“…Instead of flipping the state of a single resource from good to bad, the attacker is trying to flip the states of multiple resources. In [7] the authors examine the simplest situations in which an attacker "wins" if he has control of all resources, and a defender "wins" if she has control of at least one resource. Thus using the terminology of secret sharing schemes the paper [7] considers only the full threshold situation.…”

Threshold FlipThem: When the Winner Does Not Need to Take All

Proactive Network Defense with Game Theory