Strategic signaling for utility control in audit games

If you need an accessible version of this item, please email your request to digschol@iu.edu so that they may create one and provide it to you.
Date
2022-07
Language
American English
Embargo Lift Date
Committee Members
Degree
Degree Year
Department
Grantor
Journal Title
Journal ISSN
Volume Title
Found At
Elsevier
Abstract

As an effective method to protect the daily access to sensitive data against malicious attacks, the audit mechanism has been widely deployed in various practical fields. In order to examine security vulnerabilities and prevent the leakage of sensitive data in a timely manner, the database logging system usually employs an online signaling scheme to issue an alert when suspicious access is detected. Defenders can audit alerts to reduce potential damage. This interaction process between a defender and an attacker can be modeled as an audit game. In previous studies, it was found that sending real-time signals in the audit game to warn visitors can improve the benefits of the defender. However, the previous approaches usually assume perfect information of the attacker, or simply concentrate on the utility of the defender. In this paper, we introduce a brand-new zero-determinant (ZD) strategy to study the sequential audit game with online signaling, which empowers the defender to unilaterally control the utility of visitors when accessing sensitive data. In addition, an optimization scheme based on the ZD strategy is designed to effectively maximize the utility difference between the defender and the attacker. Extensive simulation results show that our proposed scheme enhances the security management and control capabilities of the defender to better handle different access requests and safeguard the system security in a cost-efficient manner.

Description
item.page.description.tableofcontents
item.page.relation.haspart
Cite As
Chen, J., Hu, Q., & Jiang, H. (2022). Strategic signaling for utility control in audit games. Computers & Security, 118, 102721. https://doi.org/10.1016/j.cose.2022.102721
ISSN
Publisher
Series/Report
Sponsorship
Major
Extent
Identifier
Relation
Journal
Computers & Security
Source
Author
Alternative Title
Type
Article
Number
Volume
Conference Dates
Conference Host
Conference Location
Conference Name
Conference Panel
Conference Secretariat Location
Version
Author's manuscript
Full Text Available at
This item is under embargo {{howLong}}