TY - GEN
T1 - Compliance control
T2 - 7th ACM CCS International Workshop on Managing Insider Security Threats, MIST 2015
AU - Casey, Will
AU - Zhu, Quanyan
AU - Morales, Jose Andre
AU - Mishra, Bud
N1 - Publisher Copyright:
© 2015 ACM.
Copyright:
Copyright 2016 Elsevier B.V., All rights reserved.
PY - 2015/10/16
Y1 - 2015/10/16
N2 - The agents of an organization, in fulfillment of their tasks, generate a cyber-physical-human trace, which is amenable to formal analysis with modal logic to verify safety and liveness properties. Trusted but non-trustworthy agents within an organization may attempt to conceal their true intentions, develop deceptive strategies, and exploit the organization-a scenario modeled here as a basic compliance signaling game. The challenge for the organization, only partially informed of its own true state, is in measuring and estimating its own safety and liveness properties as accurately as possible-the subject of this paper. To improve measurements, we suggest counter strategies where the organization presents honey objectives on a closely monitored attack surface to elicit exploitive actions and to estimate its own safety properties, an activity required for an adaptive response aiming to manage an organization's vulnerability and safety surfaces. We expand the basic game to a system of social-technological agents and tailor the encounter structure of evolutionary games to one that best fits a typical organization. Focusing on these double-sided signaling games (compliance and measure) within a system of social-technological agents, we outline a simple gradient ascent-based control mechanism and report on its ability to select and stabilize desirable equilibria despite the typical non-stationarity and chaos within evolutionary game systems. We clarify the design of our feedback-driven control system by using behavioral sensing, estimation and numerical optimization, and actuation with micro-incentives.
AB - The agents of an organization, in fulfillment of their tasks, generate a cyber-physical-human trace, which is amenable to formal analysis with modal logic to verify safety and liveness properties. Trusted but non-trustworthy agents within an organization may attempt to conceal their true intentions, develop deceptive strategies, and exploit the organization-a scenario modeled here as a basic compliance signaling game. The challenge for the organization, only partially informed of its own true state, is in measuring and estimating its own safety and liveness properties as accurately as possible-the subject of this paper. To improve measurements, we suggest counter strategies where the organization presents honey objectives on a closely monitored attack surface to elicit exploitive actions and to estimate its own safety properties, an activity required for an adaptive response aiming to manage an organization's vulnerability and safety surfaces. We expand the basic game to a system of social-technological agents and tailor the encounter structure of evolutionary games to one that best fits a typical organization. Focusing on these double-sided signaling games (compliance and measure) within a system of social-technological agents, we outline a simple gradient ascent-based control mechanism and report on its ability to select and stabilize desirable equilibria despite the typical non-stationarity and chaos within evolutionary game systems. We clarify the design of our feedback-driven control system by using behavioral sensing, estimation and numerical optimization, and actuation with micro-incentives.
UR - http://www.scopus.com/inward/record.url?scp=84956705805&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=84956705805&partnerID=8YFLogxK
U2 - 10.1145/2808783.2808788
DO - 10.1145/2808783.2808788
M3 - Conference contribution
AN - SCOPUS:84956705805
T3 - MIST 2015 - Proceedings of the 7th ACM CCS International Workshop on Managing Insider Security Threats, co-located with CCS 2015
SP - 53
EP - 62
BT - MIST 2015 - Proceedings of the 7th ACM CCS International Workshop on Managing Insider Security Threats, co-located with CCS 2015
PB - Association for Computing Machinery, Inc
Y2 - 12 October 2015
ER -