Defending against the Unknown Enemy: Applying FlipIt to System Security
Most cryptographic systems carry the basic assumption that entities are able to preserve the secrecy of their keys. With attacks today showing ever increasing sophistication, however, this tenet is eroding. “Advanced Persistent Threats” (APTs), for instance, leverage zero-day exploits and extensive...
| Main Authors: | , , , , , , |
|---|---|
| Other Authors: | |
| Format: | Article |
| Language: | en_US |
| Published: |
Springer Science+Business Media
2014
|
| Online Access: | http://hdl.handle.net/1721.1/90591 https://orcid.org/0000-0002-7105-3690 |
| _version_ | 1811093359276589056 |
|---|---|
| author | Bowers, Kevin D. van Dijk, Marten Griffin, Robert Juels, Ari Oprea, Alina Rivest, Ronald L. Triandopoulos, Nikos |
| author2 | Massachusetts Institute of Technology. Department of Electrical Engineering and Computer Science |
| author_facet | Massachusetts Institute of Technology. Department of Electrical Engineering and Computer Science Bowers, Kevin D. van Dijk, Marten Griffin, Robert Juels, Ari Oprea, Alina Rivest, Ronald L. Triandopoulos, Nikos |
| author_sort | Bowers, Kevin D. |
| collection | MIT |
| description | Most cryptographic systems carry the basic assumption that entities are able to preserve the secrecy of their keys. With attacks today showing ever increasing sophistication, however, this tenet is eroding. “Advanced Persistent Threats” (APTs), for instance, leverage zero-day exploits and extensive system knowledge to achieve full compromise of cryptographic keys and other secrets. Such compromise is often silent, with defenders failing to detect the loss of private keys critical to protection of their systems. The growing virulence of today’s threats clearly calls for new models of defenders’ goals and abilities.
In this paper, we explore applications of FlipIt, a novel game-theoretic model of system defense introduced in [14]. In FlipIt, an attacker periodically gains complete control of a system, with the unique feature that system compromises are stealthy, i.e., not immediately detected by the system owner, called the defender. We distill out several lessons from our study of FlipIt and demonstrate their application to several real-world problems, including password reset policies, key rotation, VM refresh and cloud auditing. |
| first_indexed | 2024-09-23T15:44:00Z |
| format | Article |
| id | mit-1721.1/90591 |
| institution | Massachusetts Institute of Technology |
| language | en_US |
| last_indexed | 2024-09-23T15:44:00Z |
| publishDate | 2014 |
| publisher | Springer Science+Business Media |
| record_format | dspace |
| spelling | mit-1721.1/905912022-09-29T15:48:21Z Defending against the Unknown Enemy: Applying FlipIt to System Security Bowers, Kevin D. van Dijk, Marten Griffin, Robert Juels, Ari Oprea, Alina Rivest, Ronald L. Triandopoulos, Nikos Massachusetts Institute of Technology. Department of Electrical Engineering and Computer Science Rivest, Ronald L. Most cryptographic systems carry the basic assumption that entities are able to preserve the secrecy of their keys. With attacks today showing ever increasing sophistication, however, this tenet is eroding. “Advanced Persistent Threats” (APTs), for instance, leverage zero-day exploits and extensive system knowledge to achieve full compromise of cryptographic keys and other secrets. Such compromise is often silent, with defenders failing to detect the loss of private keys critical to protection of their systems. The growing virulence of today’s threats clearly calls for new models of defenders’ goals and abilities. In this paper, we explore applications of FlipIt, a novel game-theoretic model of system defense introduced in [14]. In FlipIt, an attacker periodically gains complete control of a system, with the unique feature that system compromises are stealthy, i.e., not immediately detected by the system owner, called the defender. We distill out several lessons from our study of FlipIt and demonstrate their application to several real-world problems, including password reset policies, key rotation, VM refresh and cloud auditing. 2014-10-07T17:58:55Z 2014-10-07T17:58:55Z 2012 Article http://purl.org/eprint/type/ConferencePaper 978-3-642-34265-3 978-3-642-34266-0 0302-9743 1611-3349 http://hdl.handle.net/1721.1/90591 Bowers, Kevin D., Marten van Dijk, Robert Griffin, Ari Juels, Alina Oprea, Ronald L. Rivest, and Nikos Triandopoulos. “Defending Against the Unknown Enemy: Applying FlipIt to System Security.” Lecture Notes in Computer Science (2012): 248–263. https://orcid.org/0000-0002-7105-3690 en_US http://dx.doi.org/10.1007/978-3-642-34266-0_15 Decision and Game Theory for Security Creative Commons Attribution-Noncommercial-Share Alike http://creativecommons.org/licenses/by-nc-sa/4.0/ application/pdf Springer Science+Business Media MIT web domain |
| spellingShingle | Bowers, Kevin D. van Dijk, Marten Griffin, Robert Juels, Ari Oprea, Alina Rivest, Ronald L. Triandopoulos, Nikos Defending against the Unknown Enemy: Applying FlipIt to System Security |
| title | Defending against the Unknown Enemy: Applying FlipIt to System Security |
| title_full | Defending against the Unknown Enemy: Applying FlipIt to System Security |
| title_fullStr | Defending against the Unknown Enemy: Applying FlipIt to System Security |
| title_full_unstemmed | Defending against the Unknown Enemy: Applying FlipIt to System Security |
| title_short | Defending against the Unknown Enemy: Applying FlipIt to System Security |
| title_sort | defending against the unknown enemy applying flipit to system security |
| url | http://hdl.handle.net/1721.1/90591 https://orcid.org/0000-0002-7105-3690 |
| work_keys_str_mv | AT bowerskevind defendingagainsttheunknownenemyapplyingflipittosystemsecurity AT vandijkmarten defendingagainsttheunknownenemyapplyingflipittosystemsecurity AT griffinrobert defendingagainsttheunknownenemyapplyingflipittosystemsecurity AT juelsari defendingagainsttheunknownenemyapplyingflipittosystemsecurity AT opreaalina defendingagainsttheunknownenemyapplyingflipittosystemsecurity AT rivestronaldl defendingagainsttheunknownenemyapplyingflipittosystemsecurity AT triandopoulosnikos defendingagainsttheunknownenemyapplyingflipittosystemsecurity |