REMOTEGATE: Incentive-Compatible Remote Configuration of Security Gateways

Imagine that a malicious hacker is trying to attack a server over the Internet and the server wants to block the attack packets as close to their point of origin as possible. However, the security gateway ahead of the source of attack is untrusted. How can the server block the attack packets through...

Full description

Saved in:
Bibliographic Details
Published inarXiv.org
Main Authors Aggarwal, Abhinav, Zamani, Mahdi, Christodorescu, Mihai
Format Paper
LanguageEnglish
Published Ithaca Cornell University Library, arXiv.org 14.09.2017
Subjects
Cybersecurity
Incentives
Internet
Trustworthiness
Online AccessGet full text

Cover

More Information
Summary:Imagine that a malicious hacker is trying to attack a server over the Internet and the server wants to block the attack packets as close to their point of origin as possible. However, the security gateway ahead of the source of attack is untrusted. How can the server block the attack packets through this gateway? In this paper, we introduce REMOTEGATE, a trustworthy mechanism for allowing any party (server) on the Internet to configure a security gateway owned by a second party, at a certain agreed upon reward that the former pays to the latter for its service. We take an interactive incentive-compatible approach, for the case when both the server and the gateway are rational, to devise a protocol that will allow the server to help the security gateway generate and deploy a policy rule that filters the attack packets before they reach the server. The server will reward the gateway only when the latter can successfully verify that it has generated and deployed the correct rule for the issue. This mechanism will enable an Internet-scale approach to improving security and privacy, backed by digital payment incentives.
ISSN:2331-8422