Optimal Personalized Defense Strategy Against Man-In-The-Middle Attack

The Man-In-The-Middle (MITM) attack is one of the most common attacks employed in network hacking. MITM attackers can successfully invoke attacks such as denial of service (DoS) and port stealing, which lead to surprisingly harmful consequences for users in terms of both financial loss and security issues. Conventional defense approaches mainly consider how to detect and eliminate those attacks or how to prevent them from being launched in the first place. This paper proposes a game-theoretic defense strategy from a different perspective, which aims at minimizing the loss that the whole system sustains given that MITM attacks are inevitable. We model the interaction between the attacker and the defender as a Stackelberg security game and adopt the Strong Stackelberg Equilibrium (SSE) as the defender’s strategy. Since the defender’s strategy space is infinite in our model, we employ a novel method to reduce the search space for computing the optimal defense strategy. Finally, we empirically evaluate our optimal defense strategy by comparing it with non-strategic defense strategies. The results indicate that our game-theoretic defense strategy significantly outperforms the non-strategic defense strategies in terms of decreasing the total losses against MITM attacks.
