Tradeoff gain and loss optimization against man-in-the-middle attacks based on game theoretic model

Abstract: A successful man-in-the-middle (MITM) attack can result in significant financial loss and affect the cyber security of an organization. In this paper, we use a defender vs. multi-attacker Stackelberg game to model MITM attacks. We then propose an effective approach to compute the optimal defender strategy, based on a multi-double oracle algorithm. Finally, we quantify the gain and loss, based on the given noise packet insertion, by calculating the Pareto optimal (non-dominated) solutions. We also demonstrate that our scheme achieves scalability and outperforms other non-strategy defense methods, based on findings from the simulations.
