A Learning-Based Approach to Reactive Security

Author

Barth, Adam ; Rubinstein, Benjamin I P ; Sundararajan, Mukund ; Mitchell, John C. ; Song, Dawn ; Bartlett, Peter L.

Author_Institution

Google Inc., Mountain View, CA, USA

Volume

9

Issue

4

fYear

2012

Firstpage

482

Lastpage

493

Abstract

Despite the conventional wisdom that proactive security is superior to reactive security, we show that reactive security can be competitive with proactive security as long as the reactive defender learns from past attacks instead of myopically overreacting to the last attack. Our game-theoretic model follows common practice in the security literature by making worst case assumptions about the attacker: we grant the attacker complete knowledge of the defender´s strategy and do not require the attacker to act rationally. In this model, we bound the competitive ratio between a reactive defense algorithm (which is inspired by online learning theory) and the best fixed proactive defense. Additionally, we show that, unlike proactive defenses, this reactive strategy is robust to a lack of information about the attacker´s incentives and knowledge.

Keywords

game theory; learning (artificial intelligence); security of data; attacker incentives; attacker knowledge; defender strategy; game-theoretic model; learning-based approach; proactive defense; proactive security; reactive defender; reactive defense algorithm; reactive security; Credit cards; Databases; Games; Resource management; Risk management; Security; Servers; Reactive security; adversarial learning; attack graphs; game theory.; online learning; risk management;

fLanguage

English

Journal_Title

Dependable and Secure Computing, IEEE Transactions on

Publisher

ieee

ISSN

1545-5971

Type

jour

DOI

10.1109/TDSC.2011.42

Filename

5999670