John Mitchell: 2010 Security Workshop


Friday, April 30, 2010
Location: Fisher Conference Center, Arrillaga Alumni Center

"Is Reactive Security Good Enough?"


Despite the conventional wisdom that proactive security is superior to reactive security, there are circumstances in which a reactive defensive strategy is effective. Using a game-theoretic model based on certain assumptions, it is possible to show that reactive security can be competitive with proactive security when the reactive defender learns from past attacks. The model assumes that the attacker has complete knowledge of the defender's strategy but need not act rationally. On the other hand, we must also assume that the defender can reallocate the security budget adaptively and that none of the attacks puts the enterprise out of business. It is also interesting that, unlike proactive defenses, our best reactive strategy is robust to a lack of information about the attacker's knowledge and incentives.


John Mitchell is the Mary and Gordon Crary Family Professor in the Stanford Computer Science Department. His research in computer security focuses on trust management, privacy, security analysis of network protocols, and web security. He has also worked on programming language analysis and design, formal methods, and other applications of mathematical logic to computer science. Prof. Mitchell is currently involved in the multi-university PORTIA research project to study privacy concerns in databases and information processing systems, and the NSF TRUST Center.