Projects per year
Abstract
In this work we propose a model for conducting efficient and mutually beneficial information sharing between two competing entities, focusing specifically on software vulnerability sharing. We extend the two-stage game-theoretic model proposed by Khouzani et al. [18] for bug sharing, addressing two key features: we allow security information to be associated with different categories and severities, but also remove a large proportion of player homogeneity assumptions the previous work makes. We then analyse how these added degrees of realism affect the trading dynamics of the game. Secondly, we develop a new private set operation (PSO) protocol that enables the removal of the trusted mediation requirement. The PSO functionality allows for bilateral trading between the two entities up to a mutually agreed threshold on the value of information shared, keeping all other input information secret. The protocol scales linearly with set sizes and we give an implementation that establishes the practicality of the design for varying input parameters. The resulting model and protocol provide a framework for practical and secure information sharing between competing entities.
Original language | English |
---|---|
Title of host publication | WISCS '16 Proceedings of the 2016 ACM on Workshop on Information Sharing and Collaborative Security |
Publisher | ACM |
Pages | 3-14 |
Number of pages | 12 |
ISBN (Print) | 978-1-4503-4565-1 |
DOIs | |
Publication status | Published - 24 Oct 2016 |
Event | WISCS 2016 - 3rd ACM Workshop on Information Sharing and Collaborative Security - Vienna, Austria Duration: 24 Oct 2016 → 24 Oct 2016 |
Workshop
Workshop | WISCS 2016 - 3rd ACM Workshop on Information Sharing and Collaborative Security |
---|---|
Country/Territory | Austria |
City | Vienna |
Period | 24/10/16 → 24/10/16 |
Projects
- 1 Finished
-
Centre for Doctoral Training in Cyber Security
Cid, C. (PI), Crampton, J. (CoI), Martin, K. M. (CoI) & Paterson, K. (CoI)
Eng & Phys Sci Res Council EPSRC
1/04/13 → 31/12/19
Project: Research