On the Security-Privacy Tradeoff in Collaborative Security: A Quantitative Information Flow Game Perspective

To contest the rapidly developing cyber-attacks, numerous collaborative security schemes, in which multiple security entities can exchange their observations and other relevant data to achieve more effective security decisions, are proposed and developed in the literature. However, the security-related information shared among the security entities may contain some sensitive information and such information exchange can raise privacy concerns, especially when these entities belong to different organizations. With such consideration, the interplay between the attacker and the collaborative entities is formulated as Quantitative Information Flow (QIF) games, in which the QIF theory is adapted to measure the collaboration gain and the privacy loss of the entities in the information sharing process. In particular, three games are considered, each corresponding to one possible scenario of interest in practice. Based on the game-theoretic analysis, the expected behaviors of both the attacker and the security entities are obtained. In addition, the simulation results are presented to validate the analysis.

[1]  Peng Ning,et al.  Privacy-preserving alert correlation: a concept hierarchy based approach , 2005, 21st Annual Computer Security Applications Conference (ACSAC'05).

[2]  Charles F. Hockett,et al.  A mathematical theory of communication , 1948, MOCO.

[3]  Geoffrey Smith,et al.  On the Foundations of Quantitative Information Flow , 2009, FoSSaCS.

[4]  Yang Liu,et al.  Collaborative Security , 2015, ACM Comput. Surv..

[5]  A T Karygiannis,et al.  Wireless Network Security: 802.11, Bluetooth and Handheld Devices , 2002 .

[6]  Mário S. Alvim,et al.  Measuring Information Leakage Using Generalized Gain Functions , 2012, 2012 IEEE 25th Computer Security Foundations Symposium.

[7]  Lawrence A. Gordon,et al.  Sharing Information on Computer Systems Security: An Economic Analysis , 2003 .

[8]  Vitaly Shmatikov,et al.  Privacy-Preserving Sharing and Correlation of Security Alerts , 2004, USENIX Security Symposium.

[9]  Sang Joon Kim,et al.  A Mathematical Theory of Communication , 2006 .

[10]  Mário S. Alvim,et al.  Information Leakage Games , 2017, GameSec.

[11]  Carlos Cid,et al.  Strategic Discovery and Sharing of Vulnerabilities in Competitive Environments , 2014, GameSec.

[12]  Andrew P. Martin,et al.  Cyber-Threats Information Sharing in Cloud Computing: A Game Theoretic Approach , 2015, 2015 IEEE 2nd International Conference on Cyber Security and Cloud Computing.

[13]  M.E. Locasto,et al.  Towards collaborative security and P2P intrusion detection , 2005, Proceedings from the Sixth Annual IEEE SMC Information Assurance Workshop.

[14]  Alagan Anpalagan,et al.  Opportunistic Spectrum Access Using Partially Overlapping Channels: Graphical Game and Uncoupled Learning , 2013, IEEE Transactions on Communications.

[15]  Songwu Lu,et al.  SmartSiren: virus detection and alert for smartphones , 2007, MobiSys '07.

[16]  Pasquale Malacaria,et al.  Quantifying information leaks in software , 2010, ACSAC '10.

[17]  Mário S. Alvim,et al.  Axioms for Information Leakage , 2016, 2016 IEEE 29th Computer Security Foundations Symposium (CSF).

[18]  Vincent Conitzer,et al.  Stackelberg vs. Nash in security games: interchangeability, equivalence, and uniqueness , 2010, AAMAS 2010.

[19]  Branislav Bosanský,et al.  Manipulating Adversary's Belief: A Dynamic Game Approach to Deception by Design for Proactive Network Security , 2017, GameSec.

[20]  Richeng Jin,et al.  On the Tradeoff between Privacy and Utility in Collaborative Intrusion Detection Systems-A Game Theoretical Approach , 2017, HotSoS.

[21]  Axel Legay,et al.  Hybrid Statistical Estimation of Mutual Information for Quantifying Information Flow , 2016, FM.

[22]  Shamik Sengupta,et al.  Game Theoretic Modeling to Enforce Security Information Sharing among Firms , 2015, 2015 IEEE 2nd International Conference on Cyber Security and Cloud Computing.

[23]  Wee Keong Ng,et al.  Privacy-preserving approach for sharing and processing intrusion alert data , 2015, 2015 IEEE Tenth International Conference on Intelligent Sensors, Sensor Networks and Information Processing (ISSNIP).

[24]  Peng Ning,et al.  Towards Privacy-Aware Collaborative Security: A Game-Theoretic Approach , 2017, 2017 IEEE Symposium on Privacy-Aware Computing (PAC).

[25]  Philip Gross,et al.  Secure "selecticast" for collaborative intrusion detection systems , 2004, ICSE 2004.

[26]  Andreas Haeberlen,et al.  Differential privacy for collaborative security , 2010, EUROSEC '10.

[27]  Anindya Ghose,et al.  The Economic Consequences of Sharing Security Information , 2004, Economics of Information Security.

[28]  Peng Ning,et al.  A Flexible Approach to Intrusion Alert Anonymization and Correlation , 2006, 2006 Securecomm and Workshops.

[29]  Jens Grossklags,et al.  FlipLeakage: A Game-Theoretic Approach to Protect Against Stealthy Attackers in the Presence of Information Leakage , 2016, GameSec.

[30]  Max Mühlhäuser,et al.  SkipMon: A locality-aware Collaborative Intrusion Detection System , 2015, 2015 IEEE 34th International Performance Computing and Communications Conference (IPCCC).

[31]  EMMANOUIL VASILOMANOLAKIS,et al.  Taxonomy and Survey of Collaborative Intrusion Detection , 2015, ACM Comput. Surv..

[32]  Vijay S. Mookerjee,et al.  Knowledge sharing and investment decisions in information security , 2011, Decis. Support Syst..

[33]  J. Massey Guessing and entropy , 1994, Proceedings of 1994 IEEE International Symposium on Information Theory.

[34]  Geraldine Vache,et al.  Environment Characterization and System Modeling Approach for the Quantitative Evaluation of Security , 2009, SAFECOMP.