IFIP SEC 2018, Abstract of the talk

A Hypergame Analysis for ErsatzPasswords

Christopher N. Gutierrez1, Mohammed H. Almeshekah2, Saurabh Bagchi1, and Eugene H. Spafford1
1 Purdue University, Center for Education and Research in Information Assurance and Security (CERIAS), West Lafayette, USA, 2 King Saud University, Department of Computer Science, Riyadh, Saudi Arabia

Abstract. A hypergame is a game theoretic model capturing the decisions of rational players in a conflict where misperceptions, from deception or information asymmetry, are present. We demonstrate how hypergames can model an actual security mechanism: ErsatzPassword, a defense mechanism to protect password hashes from offline brute-force attacks. Two ErsatzPassword defensive strategies are considered: to block the attacker and trigger an alarm, or to redirect the attacker into a honeynet for attack analysis. We consider the scenario where there is information asymmetry in the system and one side under-estimates or over-estimates the risk tolerance of the other side. We analyze plausible strategies for both attacker and defender and then solve 57,600 hyper-game configurations to determine the optimal 1st line defense strategies under various levels of risk tolerance and misperceptions.

Keywords: Computer Security, Deception, Game Theory

The paper published in the IFIP SEC 2018 confeence proceedings by Springer Verlag