Cloud Storage Defense Against Advanced Persistent Threats: A Prospect Theoretic Study

IF 13.8 1区计算机科学 Q1 ENGINEERING, ELECTRICAL & ELECTRONIC IEEE Journal on Selected Areas in Communications Pub Date : 2017-03-01 DOI:10.1109/JSAC.2017.2659418

Liang Xiao, Dongjin Xu, Caixia Xie, N. Mandayam, H. Poor

{"title":"Cloud Storage Defense Against Advanced Persistent Threats: A Prospect Theoretic Study","authors":"Liang Xiao, Dongjin Xu, Caixia Xie, N. Mandayam, H. Poor","doi":"10.1109/JSAC.2017.2659418","DOIUrl":null,"url":null,"abstract":"Cloud storage is vulnerable to advanced persistent threats (APTs), in which an attacker launches stealthy, continuous, and targeted attacks on storage devices. In this paper, prospect theory (PT) is applied to formulate the interaction between the defender of a cloud storage system and an APT attacker who makes subjective decisions that sometimes deviate from the results of expected utility theory, which is a basis of traditional game theory. In the PT-based cloud storage defense game with pure strategy, the defender chooses a scan interval for each storage device and the subjective APT attacker chooses his or her interval of attack against each device. A mixed-strategy subjective storage defense game is also investigated, in which each subjective defender and APT attacker acts under uncertainty about the action of its opponent. The Nash equilibria (NEs) of both games are derived, showing that the subjective view of an APT attacker can improve the utility of the defender. A Q-learning-based APT defense scheme that the storage defender can apply without being aware of the APT attack model or the subjectivity model of the attacker in the dynamic APT defense game is also proposed. Simulation results show that the proposed defense scheme suppresses the attack motivation of subjective APT attackers and improves the utility of the defender, compared with the benchmark greedy defense strategy.","PeriodicalId":13243,"journal":{"name":"IEEE Journal on Selected Areas in Communications","volume":"35 1","pages":"534-544"},"PeriodicalIF":13.8000,"publicationDate":"2017-03-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://sci-hub-pdf.com/10.1109/JSAC.2017.2659418","citationCount":"81","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"IEEE Journal on Selected Areas in Communications","FirstCategoryId":"94","ListUrlMain":"https://doi.org/10.1109/JSAC.2017.2659418","RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"ENGINEERING, ELECTRICAL & ELECTRONIC","Score":null,"Total":0}

引用次数: 81

Abstract

Cloud storage is vulnerable to advanced persistent threats (APTs), in which an attacker launches stealthy, continuous, and targeted attacks on storage devices. In this paper, prospect theory (PT) is applied to formulate the interaction between the defender of a cloud storage system and an APT attacker who makes subjective decisions that sometimes deviate from the results of expected utility theory, which is a basis of traditional game theory. In the PT-based cloud storage defense game with pure strategy, the defender chooses a scan interval for each storage device and the subjective APT attacker chooses his or her interval of attack against each device. A mixed-strategy subjective storage defense game is also investigated, in which each subjective defender and APT attacker acts under uncertainty about the action of its opponent. The Nash equilibria (NEs) of both games are derived, showing that the subjective view of an APT attacker can improve the utility of the defender. A Q-learning-based APT defense scheme that the storage defender can apply without being aware of the APT attack model or the subjectivity model of the attacker in the dynamic APT defense game is also proposed. Simulation results show that the proposed defense scheme suppresses the attack motivation of subjective APT attackers and improves the utility of the defender, compared with the benchmark greedy defense strategy.

查看原文

微信好友朋友圈 QQ好友复制链接

本刊更多论文

云存储对高级持续性威胁的防御:展望理论研究

云存储易受高级持续威胁（APT）的攻击，攻击者会对存储设备发起隐蔽、连续和有针对性的攻击。本文应用前景理论（PT）来描述云存储系统的防御者和APT攻击者之间的交互，APT攻击者做出的主观决策有时会偏离预期效用理论的结果，这是传统博弈论的基础。在纯策略的基于PT的云存储防御游戏中，防御者为每个存储设备选择一个扫描间隔，主观APT攻击者选择他或她对每个设备的攻击间隔。还研究了一个混合策略的主观存储防御游戏，其中每个主观防御者和APT攻击者都在对手行动的不确定性下行动。推导了两种博弈的纳什均衡（NE），表明APT攻击者的主观观点可以提高防御者的效用。还提出了一种基于Q学习的APT防御方案，存储防御者可以在不知道APT攻击模型或攻击者在动态APT防御游戏中的主观模型的情况下应用该方案。仿真结果表明，与基准贪婪防御策略相比，该防御方案抑制了主观APT攻击者的攻击动机，提高了防御者的效用。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文去求助

来源期刊

IEEE Journal on Selected Areas in Communications 工程技术-电信学

CiteScore

30.00

自引率

4.30%

发文量

234

审稿时长

6 months

期刊介绍： The IEEE Journal on Selected Areas in Communications (JSAC) is a prestigious journal that covers various topics related to Computer Networks and Communications (Q1) as well as Electrical and Electronic Engineering (Q1). Each issue of JSAC is dedicated to a specific technical topic, providing readers with an up-to-date collection of papers in that area. The journal is highly regarded within the research community and serves as a valuable reference. The topics covered by JSAC issues span the entire field of communications and networking, with recent issue themes including Network Coding for Wireless Communication Networks, Wireless and Pervasive Communications for Healthcare, Network Infrastructure Configuration, Broadband Access Networks: Architectures and Protocols, Body Area Networking: Technology and Applications, Underwater Wireless Communication Networks, Game Theory in Communication Systems, and Exploiting Limited Feedback in Tomorrow’s Communication Networks.