Abstract
In the practical use of security mechanisms such as CAPTCHAs and spam filters, attackers and defenders exchange ‘victories,’ each celebrating (temporary) success in breaking and defending. While most security mechanisms rely on a single algorithm as a defense mechanism, we propose an approach based on a set of algorithms as a defense mechanism. When studying sets of algorithms, various issues arise about how to construct the algorithms and in which order or in which combination to release them. In this paper, we consider the question of whether the order in which a set of defensive algorithms is released has a significant impact on the time taken by attackers to break the combined set of algorithms. The rationale behind our approach is that attackers learn from their attempts, and that the release schedule of defensive mechanisms can be adjusted so as to impair that learning process. This paper introduces this problem. We show that our hypothesis holds for an experiment using several simplified but representative spam filter algorithms; that is, the order in which spam filters are released has a statistically significant impact on the time attackers take to break all algorithms.
Copyright information
© 2013 IFIP International Federation for Information Processing
About this paper
Cite this paper
Alsuhibany, S.A., Alonaizi, A., Morisset, C., Smith, C., van Moorsel, A. (2013). Experimental Investigation in the Impact on Security of the Release Order of Defensive Algorithms. In: Cuzzocrea, A., Kittl, C., Simos, D.E., Weippl, E., Xu, L. (eds) Security Engineering and Intelligence Informatics. CD-ARES 2013. Lecture Notes in Computer Science, vol 8128. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-40588-4_22
DOI: https://doi.org/10.1007/978-3-642-40588-4_22
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-40587-7
Online ISBN: 978-3-642-40588-4
eBook Packages: Computer Science (R0)