MarketNet: market-based protection of information systems

Abstract

This paper describes novel market-based technologies for systematic, quantifiable and predictable protection of information systems against attacks. These technologies, incorporated in the MarketNet system, use currency to control access to information systems resources and to account for their use. Clients wishing to access a resource must pay in currency acceptable to the domain that owns the resource. An attacker must thus pay to access the resources used in an attack. Therefore, the opportunities to attack and the damage that can be caused are strictly limited by the budget available to the attacker. A domain can control its exposure to attacks by setting the prices of critical resources and by limiting the currency that it makes available to potential attackers. Currency carries unique identifiers, enabling a domain to pinpoint the sources of attacks. Currency also provides a resource-independent instrumentation to monitor and correlate access patterns and to detect intrusion attacks through automated, uniform statistical analysis of anomalous currency flows. These mechanisms are resource-independent, and admit unlimited scalability for very large systems consisting of federated domains operated by mutually distrustful administrations. They uniquely establish quantifiable and adjustable limits on the power of attackers; enable verifiable accountability for malicious attacks; and admit systematic, uniform monitoring and detection of attacks.