A Game-Theoretic Approach to Information-Flow Control via Protocol Composition

@article{Alvim2018AGA,
  title={A Game-Theoretic Approach to Information-Flow Control via Protocol Composition},
  author={M{\'a}rio S. Alvim and Konstantinos Chatzikokolakis and Yusuke Kawamoto and Catuscia Palamidessi},
  journal={Entropy},
  year={2018},
  volume={20}
}
In the inference attacks studied in Quantitative Information Flow (QIF), the attacker typically tries to interfere with the system in the attempt to increase its leakage of secret information. The defender, on the other hand, typically tries to decrease leakage by introducing some controlled noise. This noise introduction can be modeled as a type of protocol composition, i.e., a probabilistic choice among different protocols, and its effect on the amount of leakage depends heavily on whether or… 
Leakage and Protocol Composition in a Game-Theoretic Perspective
TLDR
This work considers operators for modeling visible and invisible choice in protocol composition, and studies their algebraic properties, and formalizes the interplay between defender and adversary in a game-theoretic framework adapted to the specific issues of QIF, where the payoff is information leakage.
10 46 5 v 2 [ cs . C R ] 3 0 M ar 2 01 8 Leakage and Protocol Composition in a Game-Theoretic Perspective ⋆
In the inference attacks studied in Quantitative Information Flow (QIF), the adversary typically tries to interfere with the system in the attempt to increase its leakage of secret information. The
Verification and Control of Turn-Based Probabilistic Real-Time Games
TLDR
This work shows how to compute the key measures that underlie quantitative verification, namely the probability and expected cumulative price to reach a target, for the model of turn-based probabilistic timed multi-player games.
Hybrid statistical estimation of mutual information and its application to information flow
TLDR
A hybrid statistical estimation method that combines precise and statistical analyses to estimate mutual information, Shannon entropy, and conditional entropy, together with their confidence intervals is proposed and demonstrated with case studies that the new method outperforms the state of the art in quantifying information leakage.
Information Theory in Game Theory
TLDR
Information theory, as the mathematics of communication and storage of information, and game theory, are each successful fields of research on their own.
Future Security Challenges for Smart Societies: Overview from Technical and Societal Perspectives
Human societies went through a long journey from fundamental Society 1.0 to smart Society 5.0. From a security point of view, each phase of development has its characteristics and specialisation. In
Catuscia Palamidessi
TLDR
On the 4th of November 2019, Catuscia was celebrated with an LNCS volume written in her honor, entitled The Art of Modelling Computational Systems: A Journey from Logic and Concurrency to Security and Privacy.
Information Leakage Games: Exploring Information as a Utility Function
TLDR
This paper proposes a game-theoretic framework to formalize strategies of attacker and defender in the context of information leakage, and provide a basis for developing optimal defense methods.

References

SHOWING 1-10 OF 35 REFERENCES
Leakage and Protocol Composition in a Game-Theoretic Perspective
TLDR
This work considers operators for modeling visible and invisible choice in protocol composition, and studies their algebraic properties, and formalizes the interplay between defender and adversary in a game-theoretic framework adapted to the specific issues of QIF, where the payoff is information leakage.
Information Leakage Games
TLDR
This seems the first work to prove formally that in certain cases the optimal attack strategy is necessarily probabilistic, for both the attacker and the defender.
Security Games with Information Leakage: Modeling and Computation
TLDR
This work starts with an LP formulation to compute the defender's optimal strategy in the presence of leakage and shows that a key subproblem to solve this LP (more precisely, the defender oracle) is NP-hard even for the simplest of security game models.
Adversarial Leakage in Games
TLDR
The notion of adversarial leakage in games is introduced, namely, the ability of a player to learn the value of $b$ binary predicates about the strategy instantiation of her opponent.
On the Foundations of Quantitative Information Flow
TLDR
This paper argues that the consensus definitions of Shannon entropy actually fail to give good security guarantees, and explores an alternative foundation based on a concept of vulnerability and which measures uncertainty using Renyi's min-entropy , rather than Shannon entropy.
On the Compositionality of Quantitative Information Flow
TLDR
This paper studies the case in which the channel associated to the system can be decomposed into simpler channels, which typically happens when the observables consist of multiple components, and derivation of bounds on the (multiplicative version of) $g$-leakage of the whole system in terms of the $g-leaks of its components.
Bridging Game Theory and Cryptography: Recent Results and Future Directions
TLDR
This work surveys known results in combining the approaches and techniques of game theory and cryptography with those of cryptographic protocol design, and suggests some new definitions along with avenues for future research.
Quantitative information flow under generic leakage functions and adaptive adversaries
TLDR
This model subsumes many of the qif models proposed so far and shows that the maximum information leakage over strategies, given a finite time horizon, can be expressed in terms of a Bellman equation.
Relative Perfect Secrecy: Universally Optimal Strategies and Channel Design
TLDR
This paper addresses the fundamental question of what is the lowest leakage of information that can be achieved when some of the secrets have to be eliminated by deriving the minimum leakage in closed-form, and explicitly providing "universally optimal" randomized strategies, in the sense that they guarantee the Minimum leakage irrespective of the measure of entropy used to quantify the leakage.
Secure or insure?: a game-theoretic analysis of information security games
TLDR
In the weakest-target game, an interesting result is that, for almost all parameter settings, more effort is exerted at Nash equilibrium than at the social optimum, which may be attributed to the "strategic uncertainty" of players seeking to self-protect at just slightly above the lowest protection level.
...
1
2
3
4
...