Cloud Storage Defense Against Advanced Persistent Threats: A Prospect Theoretic Study

Liang Xiao, Dongjin Xu, Caixia Xie, Narayan B. Mandayam, H. Vincent Poor

Research output: Contribution to journal › Article › peer-review

81 Scopus citations

Abstract

Cloud storage is vulnerable to advanced persistent threats (APTs), in which an attacker launches stealthy, continuous, and targeted attacks on storage devices. In this paper, prospect theory (PT) is applied to formulate the interaction between the defender of a cloud storage system and an APT attacker who makes subjective decisions that sometimes deviate from the results of expected utility theory, which is a basis of traditional game theory. In the PT-based cloud storage defense game with pure strategy, the defender chooses a scan interval for each storage device and the subjective APT attacker chooses his or her interval of attack against each device. A mixed-strategy subjective storage defense game is also investigated, in which each subjective defender and APT attacker acts under uncertainty about the action of its opponent. The Nash equilibria (NEs) of both games are derived, showing that the subjective view of an APT attacker can improve the utility of the defender. A Q-learning-based APT defense scheme that the storage defender can apply without being aware of the APT attack model or the subjectivity model of the attacker in the dynamic APT defense game is also proposed. Simulation results show that the proposed defense scheme suppresses the attack motivation of subjective APT attackers and improves the utility of the defender, compared with the benchmark greedy defense strategy.

Original language: English (US)
Article number: 7835168
Pages (from-to): 534-544
Number of pages: 11
Journal: IEEE Journal on Selected Areas in Communications
Volume: 35
Issue number: 3
State: Published - Mar 2017
Externally published: Yes

All Science Journal Classification (ASJC) codes

  • Computer Networks and Communications
  • Electrical and Electronic Engineering

Keywords

  • Cloud storage
  • Q-learning
  • advanced persistent threats
  • game theory
  • prospect theory
