ONLINE SEMINAR: Continuous Authentication Security Games, by Dr. Serkan Sarıtaş, Wed, Nov. 4, 2020, @15:30, via Zoom
October 30, 2020
As the second of the department's seminar series of 2020-2021 Fall Term, Dr. Serkan Sarıtaş from KTH Royal Institute of Technology, will make a talk titled "Continuous Authentication Security Games".

Seminar Date : Wendesday, November 4, 2020
Seminar Time : 15:30 (Turkey local time)
Seminar Place : Zoom
Zoom code and password is on the picture below.

For your questions and comments:
Dr. İsmail Uyanık,
Conventional single- and multi-factor authentication are insufficient for preventing sophisticated identity theft attacks, such as account takeover attacks and session hijacking attacks. These attacks may cause catastrophic losses for companies and individuals, and possibly disasters for critical infrastructures. As an extension to traditional identity and access management (IAM) strategies, continuous authentication schemes are increasingly utilized for mitigating such attacks. In the case of continuous authentication, the user's identity is verified by her behavioral characteristics (i.e., behavioral patterns that are unique to each user) repeatedly or continuously, instead of identifying users with their credentials only once, as in the classical approaches.

In the first part, we consider a system operator (defender) that maintains a corporate network (e.g., a critical infrastructure operator), an employee of the organization that uses resources on the corporate network, and an attacker. The interaction between the system operator (defender) who maintains continuous authentication and an intrusion detection system (IDS) in its system consisting of single/multiple resource(s), and the adversarial attacker who tries to execute a rogue command on the system's resources is modeled as a dynamic discrete stochastic game with imperfect information. For this general model, various scenarios are investigated, including the cases of single and multiple resources, a risk-averse and a risk-seeking defender, and the impact of parameter uncertainty. Despite its prominence in identification and its effectiveness in reducing security risks, the results show that continuous authentication only is not enough to secure the system, the additional solutions, such as IDS, are essential for optimal security risk minimization.

In the second part, we consider the continuous authentication problem under the channel authentication framework. In particular, a legitimate user (Alice) communicates with a data server/operator (Bob), who authenticates the origin of the packets by checking the carrier frequency offset (CFO), and there is an adversary (Eve), who listens the communication between Alice and Bob in order to inject malicious packets into the data server by impersonating Alice. Similar to the previous part, the interaction between Bob (defender) and Eve (attacker) is modeled as a dynamic discrete stochastic game with imperfect information. The optimal attacker and defender strategies are investigated under various scenarios.

Serkan Sarıtaş is a Postdoctoral Researcher jointly at the Division of Decision and Control Systems, the Division of Network and Systems Engineering, and the Division of Information Science and Engineering, KTH Royal Institute of Technology since September 2018. He received his B.Sc. degree in Electrical and Electronics Engineering, M.S. degree in Computer Engineering and Ph.D. degree in Electrical and Electronics Engineering from Bilkent University, Turkey, in 2010, 2013, and 2018, respectively. He has been a visiting research student at the Department of Mathematics and Statistics at Queen’s University in Kingston, Canada for five months in 2015. His main research interests include security of cyber-physical systems, networked control systems, game theory, communication systems, and information theory.