Information Leakage Games: Exploring Information as a Utility Function
نویسندگان
چکیده
A common goal in the areas of secure information flow and privacy is to build effective defenses against unwanted leakage information. To this end, one must be able reason about potential attacks their interplay with possible defenses. In article, we propose a game-theoretic framework formalize strategies attacker defender context leakage, provide basis for developing optimal defense methods. novelty our games that utility given by which some cases may behave non-linear way. This causes significant deviation from classic game theory, functions are linear respect players’ strategies. Hence, key contribution work establishment foundations games. We consider two kinds games, depending on notion considered. The first kind, QIF -games , tailored theory quantitative flow. second one, DP corresponds differential privacy.
منابع مشابه
Information Leakage Games
We formalize the interplay between defender and adversary in a game-theoretic framework adapted to the specific issues of quantitative information flow. Assuming that both defender and adversary may be active and influence the system during the attack, we define a general framework of information leakage games in which the payoff function of the game is information leakage. We provide methods f...
متن کاملSymmetric Incomplete Information Games as Stochastic Games
The purpose of this chapter is to show how games with incomplete information in fact reduce to stochastic games, as long as the information is symmetric among the players. The new state space corresponds to the beliefs on the space of unknown parameters.
متن کاملSecurity Games with Information Leakage: Modeling and Computation
Most models of Stackelberg security games assume that the attacker only knows the defender’s mixed strategy, but is not able to observe (even partially) the instantiated pure strategy. Such partial observation of the deployed pure strategy – an issue we refer to as information leakage – is a significant concern in practical applications. While previous research on patrolling games has considere...
متن کاملHandling Declared Information Leakage
We address the problem of controlling information leakage in a concurrent declarative programming setting. Our aim is to define formal tools in order to distinguish between authorized, or declared, information flows such as password testing (e.g., ATM, login processes, etc.) and non-authorized ones. We propose to define security policies as rewriting systems. Such policies define how the privac...
متن کاملManaging Information Leakage
We explore the problem of managing information leakage by connecting two hitherto disconnected topics: entity resolution (ER) and data privacy (DP). As more of our sensitive data gets exposed to a variety of merchants, health care providers, employers, social sites and so on, there is a higher chance that an adversary can “connect the dots” and piece together our information, leading to even mo...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
ژورنال
عنوان ژورنال: ACM transactions on privacy and security
سال: 2022
ISSN: ['2471-2574', '2471-2566']
DOI: https://doi.org/10.1145/3517330