FlipIt: The Game of “Stealthy Takeover”
- Marten van DijkAffiliated withRSA Laboratories
- , Ari JuelsAffiliated withRSA Laboratories
- , Alina OpreaAffiliated withRSA Laboratories Email author
- , Ronald L. RivestAffiliated withComputer Science and Artificial Intelligence Laboratory, Massachusetts Institute of Technology
Rent the article at a discountRent now
* Final gross prices may vary according to local VAT.Get Access
Systems should be designed under the assumption of repeated total compromise, including theft of cryptographic keys. FlipIt provides guidance on how to implement a cost-effective defensive strategy.
Aggressive play by one player can motivate the opponent to drop out of the game (essentially not to play at all). Therefore, moving fast is a good defensive strategy, but it can only be implemented if move costs are low. We believe that virtualization has a huge potential in this respect.
Close monitoring of one’s resources is beneficial in detecting potential attacks faster, gaining insight into attacker’s strategies, and scheduling defensive moves more effectively.
Interestingly, FlipIt finds applications in other security realms besides modeling of targeted attacks. Examples include cryptographic key rotation, password changing policies, refreshing virtual machines, and cloud auditing.
Key wordsFlipIt Security modeling Game theory Advanced persistent threats Repeated stealthy takeovers
- FlipIt: The Game of “Stealthy Takeover”
Journal of Cryptology
Volume 26, Issue 4 , pp 655-713
- Cover Date
- Print ISSN
- Online ISSN
- Springer US
- Additional Links
- Security modeling
- Game theory
- Advanced persistent threats
- Repeated stealthy takeovers
- Industry Sectors