A Game Theoretical Model for Anticipating Email Spear-Phishing Strategies

Franklin Tchakounte; Virgile Nyassi; Duplex Danga; Kalum Udagepola; Marcellin Atemkeng

Research Article

A Game Theoretical Model for Anticipating Email Spear-Phishing Strategies

Download1176 downloads

Cite: BibTeX Plain Text

@ARTICLE{10.4108/eai.26-5-2020.166354,
    author={Franklin Tchakounte and Virgile Sim\^{e} Nyassi and Duplex Elvis Houpa Danga and Kalum Priyanath Udagepola and Marcellin Atemkeng},
    title={A Game Theoretical Model for Anticipating Email Spear-Phishing Strategies},
    journal={EAI Endorsed Transactions on Scalable Information Systems},
    volume={8},
    number={30},
    publisher={EAI},
    journal_a={SIS},
    year={2020},
    month={9},
    keywords={Attack, game theory, non-cooperative game, email spear-phishing, QRE},
    doi={10.4108/eai.26-5-2020.166354}
}

Franklin Tchakounte
Virgile Simé Nyassi
Duplex Elvis Houpa Danga
Kalum Priyanath Udagepola
Marcellin Atemkeng
Year: 2020
A Game Theoretical Model for Anticipating Email Spear-Phishing Strategies
SIS
EAI
DOI: 10.4108/eai.26-5-2020.166354

Franklin Tchakounte^1,2^,*, Virgile Simé Nyassi¹, Duplex Elvis Houpa Danga^1,2, Kalum Priyanath Udagepola³, Marcellin Atemkeng⁴

1: Department of Mathematics and Computer Science, Faculty of Science, University of Ngaoundéré, Cameroon
2: Laboratory of Mathematics and Applications (LAMAP), University of Ngaoundéré, Cameroon
3: Research Development Institute of Technology, Australia
4: Department of Mathematics, Rhodes University, 6140 Grahamstown, South Africa

*Contact email: tchafros@gmail.com

Abstract

A solution to help victims against phishing is anticipating and leveraging impacts related to phisher actions.In this regard, this work reshapes game theoretical logic between Intrusion Detection System (IDS) agents andinsiders to email spear-phishing interactions. The email spear-phishing attack is designed as a non-cooperativeand repeated game between opponents. Additionally, this work relies on Quantal Response Equilibrium (QRE)to build a game theoretical approach to predict the phisher’s future intent based on past actions of bothplayers. This approach is coupled with a recommendation strategy of appropriate allocation of resources toinvest to strengthen user protection. Simulations on spear-phishing scenarios demonstrate the ability of thefinal system to intuitively guess the most likely phisher decisions. This work provides intelligence to spear-phishing detectors and humans such that they can anticipate next phisher actions.

Keywords: Attack, game theory, non-cooperative game, email spear-phishing, QRE

Received: 2020-05-11
Accepted: 2020-09-09
Published: 2020-09-18
Publisher: EAI

: http://dx.doi.org/10.4108/eai.26-5-2020.166354

Copyright © 2020 F. Tchakounté et al., licensed to EAI. This is an open access article distributed under the terms of the Creative Commons Attribution license (http://creativecommons.org/licenses/by/3.0/), which permits unlimited use, distribution and reproduction in any medium so long as the original work is properly cited.