讲座时间：2016年9月6日上午10：30

讲座地点：科研楼C218

讲座题目：Prospect Theoretic Study of Cloud Storage Defense Against

Advanced Persistent Threats

主讲人：肖亮，厦门大学信息学院教授，博导，IEEE高级会员，CCF高级会员，网络与数据通信专委会委员

报告简介：Cloud storage is vulnerable to Advanced Persistent Threats (APTs), in whichan attacker throws stealthy, continuous, well funded and targeted attacksover storage devices. In this work, we apply prospect theory to study the interaction between a defender that monitors cloud storage devices to detect APT attacks and a subjective APT attacker. More specifically, we formulate a cloud storage defense game with pure-strategy, in which the defender chooses its scan interval at each storage device and the subjective APT attacker decides its attack interval against each device under uncertain durations to complete APT attacks. A mixed-strategy subjective storage defense game is also investigated, in which both the defender and the APT attacker make subjective decisions on their mixed strategy under uncertain action of their opponents. The Nash equilibria of both storage defense games are derived, showing the impact of the subjectivity of APT attackers. We present a Q-learning based APT detection scheme for dynamic storage defense games with pure-strategy and mixed-strategy. Simulation results show that the subjective view of an APT attacker improves the utility of the defender, and the proposed defense scheme improves the utility of the defender and suppresses the attack motivation of subjective APT attackers.

主讲人简介：肖亮从事网络安全和无线通信等方向的研究。获教育部留学回国人员科研启动基金，入选福建省高等学校新世纪优秀人才支持计划。主持和参与了多项国家自然科学基金和福建省自然科学基金研究项目，参与863项目。担任过IEEE Trans. Information Forensics & Security等多个国际SCI期刊编委。担任INFOCOM、GLOBECOM和ICC等国际学术会议技术议程委员。获INFOCOM BIGSECURITY WS’16最佳论文奖。美国Rutgers大学电子与计算机工程系博士，清华大学电子系硕士，南京邮电学院通信工程系学士。曾作为访问学者在普林斯顿大学，弗吉尼亚理工和马里兰大学进行研究。