Skip to Main content Skip to Navigation
New interface
Conference papers

A Hypergame Analysis for ErsatzPasswords

Abstract : A hypergame is a game theoretic model capturing the decisions of rational players in a conflict where misperceptions, from deception or information asymmetry, are present. We demonstrate how hypergames can model an actual security mechanism: ErsatzPassword, a defense mechanism to protect password hashes from offline brute-force attacks. Two ErsatzPassword defensive strategies are considered: to block the attacker and trigger an alarm, or to redirect the attacker into a honeynet for attack analysis. We consider the scenario where there is information asymmetry in the system and one side under-estimates or over-estimates the risk tolerance of the other side. We analyze plausible strategies for both attacker and defender and then solve 57,600 hypergame configurations to determine the optimal 1st line defense strategies under various levels of risk tolerance and misperceptions.
Document type :
Conference papers
Complete list of metadata

Cited literature [16 references]  Display  Hide  Download
Contributor : Hal Ifip Connect in order to contact the contributor
Submitted on : Thursday, February 21, 2019 - 4:37:54 PM
Last modification on : Thursday, February 21, 2019 - 4:40:00 PM
Long-term archiving on: : Wednesday, May 22, 2019 - 9:04:41 PM


Files produced by the author(s)


Distributed under a Creative Commons Attribution 4.0 International License



Christopher N. Gutierrez, Mohammed H. Almeshekah, Saurabh Bagchi, Eugene H. Spafford. A Hypergame Analysis for ErsatzPasswords. 33th IFIP International Conference on ICT Systems Security and Privacy Protection (SEC), Sep 2018, Poznan, Poland. pp.47-61, ⟨10.1007/978-3-319-99828-2_4⟩. ⟨hal-02023738⟩



Record views


Files downloads