Attackers of computing resources increasingly aim to keep security compromises hidden from defenders in order to extract more value over a longer period of time. These covert attacks come in multiple varieties, which can be categorized into two main types: targeted and non-targeted attacks. Targeted attacks include, for example, cyberespionage, while non-targeted attacks include botnet recruitment. We are concerned with the subclass of these attacks for which detection is too costly or technically infeasible given the capabilities of a typical organization. As a result, defenders have to mitigate potential damages under a regime of incomplete information. A primary mitigation strategy is to reset potentially compromised resources to a known safe state, for example, by reinstalling computer systems, and changing passwords or cryptographic private keys. In a game-theoretic framework, we study the economically optimal mitigation strategies in the presence of targeted and non-targeted covert attacks. Our work has practical implications for the definition of security policies, in particular, for password and key renewal schedules. © 2013 Springer-Verlag.
Laszka, A., Johnson, B., & Grossklags, J. (2013). Mitigating covert compromises: A game-theoretic model of targeted and non-targeted covert attacks. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 8289 LNCS, pp. 319–332). https://doi.org/10.1007/978-3-642-45046-4_26