Cloud Storage Defense Against Advanced Persistent Threats: A Prospect Theoretic Study

Cloud storage is vulnerable to advanced persistent threats (APTs), in which an attacker launches stealthy, continuous, and targeted attacks on storage devices. In this paper, prospect theory (PT) is applied to formulate the interaction between the defender of a cloud storage system and an APT attack...

Bibliographic details
Published in: IEEE journal on selected areas in communications 2017-03, Vol.35 (3), p.534-544
Main authors: Xiao, Liang; Xu, Dongjin; Xie, Caixia; Mandayam, Narayan B.; Poor, H. Vincent
Format: Article
Language: eng
container_end_page 544
container_issue 3
container_start_page 534
container_title IEEE journal on selected areas in communications
container_volume 35
creator Xiao, Liang
Xu, Dongjin
Xie, Caixia
Mandayam, Narayan B.
Poor, H. Vincent
description Cloud storage is vulnerable to advanced persistent threats (APTs), in which an attacker launches stealthy, continuous, and targeted attacks on storage devices. In this paper, prospect theory (PT) is applied to formulate the interaction between the defender of a cloud storage system and an APT attacker who makes subjective decisions that sometimes deviate from the results of expected utility theory, which is a basis of traditional game theory. In the PT-based cloud storage defense game with pure strategy, the defender chooses a scan interval for each storage device and the subjective APT attacker chooses his or her interval of attack against each device. A mixed-strategy subjective storage defense game is also investigated, in which each subjective defender and APT attacker acts under uncertainty about the action of its opponent. The Nash equilibria (NEs) of both games are derived, showing that the subjective view of an APT attacker can improve the utility of the defender. A Q-learning-based APT defense scheme that the storage defender can apply without being aware of the APT attack model or the subjectivity model of the attacker in the dynamic APT defense game is also proposed. Simulation results show that the proposed defense scheme suppresses the attack motivation of subjective APT attackers and improves the utility of the defender, compared with the benchmark greedy defense strategy.
doi_str_mv 10.1109/JSAC.2017.2659418
format Article
identifier ISSN: 0733-8716
ispartof IEEE journal on selected areas in communications, 2017-03, Vol.35 (3), p.534-544
issn 0733-8716
1558-0008
language eng
recordid cdi_proquest_journals_1893702911
source IEEE Electronic Library (IEL)
subjects advanced persistent threats
Cloud computing
Cloud storage
Communication networks
Computer simulation
Decision theory
Defense
Economic models
Expected utility
Game theory
Mathematical model
prospect theory
Q-learning
Strategy
Utility theory
Wireless communication
title Cloud Storage Defense Against Advanced Persistent Threats: A Prospect Theoretic Study
url https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-02-21T21%3A57%3A37IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-proquest_RIE&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=Cloud%20Storage%20Defense%20Against%20Advanced%20Persistent%20Threats:%20A%20Prospect%20Theoretic%20Study&rft.jtitle=IEEE%20journal%20on%20selected%20areas%20in%20communications&rft.au=Xiao,%20Liang&rft.date=2017-03-01&rft.volume=35&rft.issue=3&rft.spage=534&rft.epage=544&rft.pages=534-544&rft.issn=0733-8716&rft.eissn=1558-0008&rft.coden=ISACEM&rft_id=info:doi/10.1109/JSAC.2017.2659418&rft_dat=%3Cproquest_RIE%3E1893702911%3C/proquest_RIE%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_pqid=1893702911&rft_id=info:pmid/&rft_ieee_id=7835168&rfr_iscdi=true