Multi-rate Threshold FlipThem

  • David Leslie
  • Chris Sherfield
  • Nigel P. SmartEmail author
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10493)


A standard method to protect data and secrets is to apply threshold cryptography in the form of secret sharing. This is motivated by the acceptance that adversaries will compromise systems at some point; and hence using threshold cryptography provides a defence in depth. The existence of such powerful adversaries has also motivated the introduction of game theoretic techniques into the analysis of systems, e.g. via the FlipIt game of van Dijk et al. This work further analyses the case of FlipIt when used with multiple resources, dubbed FlipThem in prior papers. We examine two key extensions of the FlipThem game to more realistic scenarios; namely separate costs and strategies on each resource, and a learning approach obtained using so-called fictitious play in which players do not know about opponent costs, or assume rationality.



The second author was supported by a studentship from GCHQ. This work has been supported in part by ERC Advanced Grant ERC-2015-AdG-IMPaCT and by EPSRC via grant EP/N021940/1.


  1. 1.
    Bedi, H.S., Shiva, S.G., Roy, S.: A game inspired defense mechanism against distributed denial of service attacks. Secur. Commun. Netw. 7(12), 2389–2404 (2014). doi: 10.1002/sec.949CrossRefGoogle Scholar
  2. 2.
    Ben-Or, M., Goldwasser, S., Wigderson, A.: Completeness theorems for non-cryptographic fault-tolerant distributed computation (extended abstract). In: Simon [33], pp. 1–10.
  3. 3.
    Benaim, M., Hirsch, M.W.: Mixed equilibria and dynamical systems arising from fictitious play in perturbed games. Games Econ. Behav. 29, 36–72 (1999)MathSciNetCrossRefzbMATHGoogle Scholar
  4. 4.
    Boneh, D., Boyen, X., Halevi, S.: Chosen ciphertext secure public key threshold encryption without random oracles. In: Pointcheval, D. (ed.) CT-RSA 2006. LNCS, vol. 3860, pp. 226–243. Springer, Heidelberg (2006). doi: 10.1007/11605805_15CrossRefGoogle Scholar
  5. 5.
    Bowers, K.D., van Dijk, M., Griffin, R., Juels, A., Oprea, A., Rivest, R.L., Triandopoulos, N.: Defending against the unknown enemy: applying FlipIt to system security. In: Grossklags and Walrand [15], pp. 248–263.
  6. 6.
    Brown, G.: Iterative solution of games by fictitious play. In: Koopmans, T.C. (ed.) Activity Analysis of Production and Allocation, pp. 374–376 (1951)Google Scholar
  7. 7.
    Çeker, H., Zhuang, J., Upadhyaya, S., La, Q.D., Soong, B.-H.: Deception-based game theoretical approach to mitigate DoS attacks. In: Zhu et al. [36], pp. 18–38 (2016).
  8. 8.
    Chaum, D., Crépeau, C., Damgård, I.: Multiparty unconditionally secure protocols (extended abstract). In: Simon [33], pp. 11–19.
  9. 9.
    Desmedt, Y.: Threshold cryptography. Eur. Trans. Telecommun. 5(4), 449–458 (1994). doi: 10.1002/ett.4460050407CrossRefGoogle Scholar
  10. 10.
    van Dijk, M., Juels, A., Oprea, A., Rivest, R.L.: FlipIt: the game of “stealthy takeover”. J. Cryptol. 26(4), 655–713 (2013). doi: 10.1007/s00145-012-9134-5MathSciNetCrossRefzbMATHGoogle Scholar
  11. 11.
    Farhang, S., Grossklags, J.: FlipLeakage: a game-theoretic approach to protect against stealthy attackers in the presence of information leakage. In: Zhu et al. [36], pp. 195–214.
  12. 12.
    Fudenberg, D., Kreps, D.: Learning mixed equilibria. Games Econ. Behav. 5, 320–367 (1993)MathSciNetCrossRefzbMATHGoogle Scholar
  13. 13.
    Fudenberg, D., Levine, D.K.: The Theory of Learning in Games, 1st edn. The MIT Press, Cambridge (1998)zbMATHGoogle Scholar
  14. 14.
    Grimmett, G., Stirzaker, D.: Probability and Random Processes, 3rd edn. Oxford University Press, Oxford (2001)zbMATHGoogle Scholar
  15. 15.
    Grossklags, J., Walrand, J.C. (eds.): GameSec 2012. LNCS, vol. 7638. Springer, Heidelberg (2012). doi: 10.1007/978-3-642-34266-0zbMATHGoogle Scholar
  16. 16.
    Hota, A.R., Clements, A.A., Sundaram, S., Bagchi, S.: Optimal and game-theoretic deployment of security investments in interdependent assets. In: Zhu et al. [36], pp. 101–113.
  17. 17.
    Hu, P., Li, H., Fu, H., Cansever, D., Mohapatra, P.: Dynamic defense strategy against advanced persistent threat with insiders. In: 2015 IEEE Conference on Computer Communications (INFOCOM), pp. 747–755. IEEE (2015)Google Scholar
  18. 18.
    Laszka, A., Horvath, G., Felegyhazi, M., Buttyán, L.: FlipThem: modeling targeted attacks with FlipIt for multiple resources. In: Poovendran and Saad [29], pp. 175–194.
  19. 19.
    Laszka, A., Johnson, B., Grossklags, J.: Mitigating covert compromises. In: Chen, Y., Immorlica, N. (eds.) WINE 2013. LNCS, vol. 8289, pp. 319–332. Springer, Heidelberg (2013). doi: 10.1007/978-3-642-45046-4_26CrossRefGoogle Scholar
  20. 20.
    Leslie, D., Sherfield, C., Smart, N.P.: Threshold FlipThem: when the winner does not need to take all. In: Khouzani, M.H.R., Panaousis, E., Theodorakopoulos, G. (eds.) GameSec 2015. LNCS, vol. 9406, pp. 74–92. Springer, Cham (2015). doi: 10.1007/978-3-319-25594-1_5CrossRefGoogle Scholar
  21. 21.
    Leslie, D.S., Collins, E.J.: Generalized weakened fictitious play. Games Econ. Behav. 56, 285–298 (2006)CrossRefzbMATHGoogle Scholar
  22. 22.
    Moayedi, B.Z., Azgomi, M.A.: A game theoretic framework for evaluation of the impacts of hackers diversity on security measures. Reliab. Eng. Syst. Saf. 99, 45–54 (2012). doi: 10.1016/j.ress.2011.11.001CrossRefGoogle Scholar
  23. 23.
    Nash, J.: Non-cooperative games. Ann. Math. 54, 286–295 (1951)MathSciNetCrossRefzbMATHGoogle Scholar
  24. 24.
    Nochenson, A., Grossklags, J.: A behavioral investigation of the FlipIt game. In: Proceedings of the 12th Workshop on the Economics of Information Security (WEIS) (2013)Google Scholar
  25. 25.
    Osborne, M., Rubinstein, A.: A Course in Game Theory. MIT Press, Cambridge (1994)zbMATHGoogle Scholar
  26. 26.
    Panaousis, E., Fielder, A., Malacaria, P., Hankin, C., Smeraldi, F.: Cybersecurity games and investments: a decision support approach. In: Poovendran and Saad [29], pp. 266–286.
  27. 27.
    Pawlick, J., Farhang, S., Zhu, Q.: Flip the cloud: cyber-physical signaling games in the presence of advanced persistent threats. In: Khouzani, M.H.R., Panaousis, E., Theodorakopoulos, G. (eds.) GameSec 2015. LNCS, vol. 9406, pp. 289–308. Springer, Cham (2015). doi: 10.1007/978-3-319-25594-1_16CrossRefGoogle Scholar
  28. 28.
    Pham, V., Cid, C.: Are we compromised? Modelling security assessment games. In: Grossklags and Walrand [15], pp. 234–247.
  29. 29.
    Poovendran, R., Saad, W. (eds.): GameSec 2014. LNCS, vol. 8840. Springer, Cham (2014). doi: 10.1007/978-3-319-12601-2zbMATHGoogle Scholar
  30. 30.
    Rass, S., Zhu, Q.: GADAPT: a sequential game-theoretic framework for designing defense-in-depth strategies against advanced persistent threats. In: Zhu et al. [36], pp. 314–326.
  31. 31.
    Shamir, A.: How to share a secret. Commun. ACM 22(11), 612–613 (1979). doi: 10.1145/359168.359176MathSciNetCrossRefzbMATHGoogle Scholar
  32. 32.
    Shoup, V.: Practical threshold signatures. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, pp. 207–220. Springer, Heidelberg (2000). doi: 10.1007/3-540-45539-6_15CrossRefGoogle Scholar
  33. 33.
    Simon, J. (ed.): Proceedings of the 20th Annual ACM Symposium on Theory of Computing, Chicago, Illinois, USA, 2–4 May 1988. ACM (1988)Google Scholar
  34. 34.
    Smyrnakis, M., Leslie, D.S.: Dynamic opponent modelling in fictitious play. Comput. J. 53(9), 1344–1359 (2010)CrossRefGoogle Scholar
  35. 35.
    Zhou, Z., Bambos, N., Glynn, P.: Dynamics on linear influence network games under stochastic environments. In: Zhu et al. [36], pp. 114–126.
  36. 36.
    Zhu, Q., Alpcan, T., Panaousis, E., Tambe, M., Casey, W. (eds.): GameSec 2016. LNCS, vol. 9996. Springer, Cham (2016). doi: 10.1007/978-3-319-47413-7Google Scholar

Copyright information

© Springer International Publishing AG 2017

Authors and Affiliations

  • David Leslie
    • 1
  • Chris Sherfield
    • 2
  • Nigel P. Smart
    • 2
    Email author
  1. 1.Department Mathematics and StatisticsUniversity of LancasterLancasterUK
  2. 2.Department of Computer ScienceUniversity of BristolBristolUK

Personalised recommendations