Experimental Investigation in the Impact on Security of the Release Order of Defensive Algorithms

Abstract : In the practical use of security mechanisms such as CAPTCHAs and spam filters, attackers and defenders exchange ‘victories,’ each celebrating (temporary) success in breaking and defending. While most of security mechanisms rely on a single algorithm as a defense mechanism, we propose an approach based on a set of algorithms as a defense mechanism. When studying sets of algorithms various issues arise about how to construct the algorithms and in which order or in which combination to release them. In this paper, we consider the question of whether the order in which a set of defensive algorithms is released has a significant impact on the time taken by attackers to break the combined set of algorithms. The rationale behind our approach is that attackers learn from their attempts, and that the release schedule of defensive mechanisms can be adjusted so as to impair that learning process. This paper introduces this problem. We show that our hypothesis holds for an experiment using several simplified but representative spam filter algorithms—that is, the order in which spam filters are released has a statistically significant impact on the time attackers take to break all algorithms.
Type de document :
Communication dans un congrès
Alfredo Cuzzocrea; Christian Kittl; Dimitris E. Simos; Edgar Weippl; Lida Xu. 1st Cross-Domain Conference and Workshop on Availability, Reliability, and Security in Information Systems (CD-ARES), Sep 2013, Regensburg, Germany. Springer, Lecture Notes in Computer Science, LNCS-8128, pp.321-336, 2013, Security Engineering and Intelligence Informatics
Liste complète des métadonnées

Littérature citée [25 références]  Voir  Masquer  Télécharger

https://hal.inria.fr/hal-01506554
Contributeur : Hal Ifip <>
Soumis le : mercredi 12 avril 2017 - 10:24:52
Dernière modification le : jeudi 13 avril 2017 - 01:06:53
Document(s) archivé(s) le : jeudi 13 juillet 2017 - 12:35:36

Fichier

978-3-642-40588-4_22_Chapter.p...
Fichiers produits par l'(les) auteur(s)

Licence


Distributed under a Creative Commons Paternité 4.0 International License

Identifiants

  • HAL Id : hal-01506554, version 1

Citation

Suliman Alsuhibany, Ahmad Alonaizi, Charles Morisset, Chris Smith, Aad Moorsel. Experimental Investigation in the Impact on Security of the Release Order of Defensive Algorithms. Alfredo Cuzzocrea; Christian Kittl; Dimitris E. Simos; Edgar Weippl; Lida Xu. 1st Cross-Domain Conference and Workshop on Availability, Reliability, and Security in Information Systems (CD-ARES), Sep 2013, Regensburg, Germany. Springer, Lecture Notes in Computer Science, LNCS-8128, pp.321-336, 2013, Security Engineering and Intelligence Informatics. 〈hal-01506554〉

Partager

Métriques

Consultations de la notice

104

Téléchargements de fichiers

34