Cloud Storage Defense Against Advanced Persistent Threats: A Prospect Theoretic Study

IF 13.8, Region 1 (Computer Science), JCR Q1 ENGINEERING, ELECTRICAL & ELECTRONIC
Liang Xiao, Dongjin Xu, Caixia Xie, N. Mandayam, H. Poor
Journal: IEEE Journal on Selected Areas in Communications, volume 35 1, pages 534-544
Publication date: 2017-03-01
Publication type: Journal Article
DOI: 10.1109/JSAC.2017.2659418 (https://doi.org/10.1109/JSAC.2017.2659418)
Citations: 81

Abstract

Cloud storage is vulnerable to advanced persistent threats (APTs), in which an attacker launches stealthy, continuous, and targeted attacks on storage devices. In this paper, prospect theory (PT) is applied to formulate the interaction between the defender of a cloud storage system and an APT attacker who makes subjective decisions that sometimes deviate from the results of expected utility theory, which is a basis of traditional game theory. In the PT-based cloud storage defense game with pure strategy, the defender chooses a scan interval for each storage device and the subjective APT attacker chooses his or her interval of attack against each device. A mixed-strategy subjective storage defense game is also investigated, in which each subjective defender and APT attacker acts under uncertainty about the action of its opponent. The Nash equilibria (NEs) of both games are derived, showing that the subjective view of an APT attacker can improve the utility of the defender. A Q-learning-based APT defense scheme that the storage defender can apply without being aware of the APT attack model or the subjectivity model of the attacker in the dynamic APT defense game is also proposed. Simulation results show that the proposed defense scheme suppresses the attack motivation of subjective APT attackers and improves the utility of the defender, compared with the benchmark greedy defense strategy.
Source journal
CiteScore: 30.00
Self-citation rate: 4.30%
Articles published: 234
Review time: 6 months
Journal description: The IEEE Journal on Selected Areas in Communications (JSAC) is a prestigious journal that covers various topics related to Computer Networks and Communications (Q1) as well as Electrical and Electronic Engineering (Q1). Each issue of JSAC is dedicated to a specific technical topic, providing readers with an up-to-date collection of papers in that area. The journal is highly regarded within the research community and serves as a valuable reference. The topics covered by JSAC issues span the entire field of communications and networking, with recent issue themes including Network Coding for Wireless Communication Networks, Wireless and Pervasive Communications for Healthcare, Network Infrastructure Configuration, Broadband Access Networks: Architectures and Protocols, Body Area Networking: Technology and Applications, Underwater Wireless Communication Networks, Game Theory in Communication Systems, and Exploiting Limited Feedback in Tomorrow’s Communication Networks.