As an effective method to protect the daily access to sensitive data against malicious attacks, the audit mechanism has been widely deployed in various practical fields. In order to examine security vulnerabilities and prevent the leakage of sensitive data in a timely manner, the database logging system usually employs an online signaling scheme to issue an alert when suspicious access is detected. Defenders can audit alerts to reduce potential damage. This interaction process between a defender and an attacker can be modeled as an audit game. In previous studies, it was found that sending real-time signals in the audit game to warn visitors can improve the benefits of the defender. However, the previous approaches usually assume perfect information of the attacker, or simply concentrate on the utility of the defender. In this paper, we introduce a brand-new zero-determinant (ZD) strategy to study the sequential audit game with online signaling, which empowers the defender to unilaterally control the utility of visitors when accessing sensitive data. In addition, an optimization scheme based on the ZD strategy is designed to effectively maximize the utility difference between the defender and the attacker. Extensive simulation results show that our proposed scheme enhances the security management and control capabilities of the defender to better handle different access requests and safeguard the system security in a cost-efficient manner.
Chen, Jianan, Qin Hu, and Honglu Jiang. "Strategic signaling for utility control in audit games." Computers & Security 118 (2022): 102721. https://doi.org/10.1016/j.cose.2022.102721