Strategic Signaling for Utility Control in Audit Games

TL;DR

This paper introduces a novel zero-determinant strategy in audit games with online signaling, enabling defenders to control visitor utilities and improve security management against malicious data access.

Contribution

It develops a new ZD strategy for sequential audit games with signaling, allowing unilateral utility control and optimized defender-attacker utility difference.

Findings

The proposed scheme effectively enhances security management.

Simulation results demonstrate improved utility control and system security.

The method is cost-efficient and adaptable to different access scenarios.

Abstract

As an effective method to protect the daily access to sensitive data against malicious attacks, the audit mechanism has been widely deployed in various practical fields. In order to examine security vulnerabilities and prevent the leakage of sensitive data in a timely manner, the database logging system usually employs an online signaling scheme to issue an alert when suspicious access is detected. Defenders can audit alerts to reduce potential damage. This interaction process between a defender and an attacker can be modeled as an audit game. In previous studies, it was found that sending real-time signals in the audit game to warn visitors can improve the benefits of the defender. However, the previous approaches usually assume perfect information of the attacker, or simply concentrate on the utility of the defender. In this paper, we introduce a brand-new zero-determinant (ZD) strategy to study the sequential audit game with online signaling, which empowers the defender to unilaterally control the utility of visitors when accessing sensitive data. In addition, an optimization scheme based on the ZD strategy is designed to effectively maximize the utility difference between the defender and the attacker. Extensive simulation results show that our proposed scheme enhances the security management and control capabilities of the defender to better handle different access requests and safeguard the system security in a cost-efficient manner.