Secure Team Composition to Thwart Insider Threats and Cyber-Espionage

Laszka Aron, Johnson Benjamin, Schöttle Pascal, Grossklags Jens, Böhme Rainer

Zusammenfassung

We develop a formal nondeterministic game model for secure team composition to counter cyber-espionage and to protect organizational secrets against an attacker who tries to sidestep technical security mechanisms by offering a bribe to a project team member. The game captures the adversarial interaction between the attacker and the project manager who has a secret she wants to protect but must share with a team of individuals selected from within her organization. Our interdisciplinary work is important in the face of the multipronged approaches utilized by well-motivated attackers to circumvent the fortifications of otherwise well-defended targets.