FlipIt: An Interesting Game

This post is the first of several posts inspired by the game of flipIt. FlipIt is a strategic game created by Marten van Dijk, Ari Juels, Alina Oprea, and Ronald L. Rivest and introduced in the paper FLIPIT: The Game of “Stealthy Takeover”.

Play FlipIt: After seeing a talk about flipIt and being unable to find any playable version online, I decided to write my own (which to the best of my knowledge is the only playable version of flipIt online). To play flipIt click here. The source code and documentation plus additional modes can be found on GitHub here. It is written using JavaScript and HTML5 so it will likely only work on Chrome, Firefox or possibly the latest version of IE.

Spy vs Spy: Aldrich Ames was a CIA Counter-Intelligence officer. He was also a spy feeding valuable intelligence to the Soviets and compromising US intelligence operations in the Soviet Union. He operated for ~9 years before the CIA recognized that they had a spy, began an investigation and determined that he was the leak. This strategic situation is the same one faced by computer networks, drug cartels, intelligence agencies and guerrilla networks.

All such organisations have a reasonable expectation that trusted personnel/systems will eventually be recruited/captured by enemy organisations. Therefore such organisations must consume valuable resources to discover such betrayals and thereby regain secrecy. The question is then, given the possible threats, how often and at what cost should they spend resources on investigations/spy hunts/virus scans? This is where flipIt comes in.

FLIPIT: The Game of “Stealthy Takeover”: FlipIt was created to model these sorts of strategic situations and to study the best courses of action. Specifically, flipIt was motivated by the recent interest in and success of Advanced Persistent Threats, or APTs.

The basic idea is that, given the current experience that perfect protection of trusted resources is unattainable, let's think about how we can optimally manage compromises of our most trusted systems.

Rules

Two players, player X (blue) and player Y (red), attempt to maintain control over a shared resource. At any time in the game each player is allowed to play ‘flip’. The only way a player can learn the state of the game (who is in control) is when they play ‘flip’. If a player is in control of the resource and they play ‘flip’, they remain in control of the resource. If a player is not in control of the resource and they play ‘flip’, they gain control of the resource. Players gain points for the length of time they control the resource. Players lose points every time they play ‘flip’.

This reflects the situation that the CIA is placed in with regard to moles/enemy spies. They don’t know if they have been compromised. They can perform an investigation and determine if they have been compromised, also catching the spy in the act, but this action is very expensive. That is, the CIA has to trade off between remaining “mole free” (a good) and investigations (an expense).
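The rules above can be replayed in a few lines of code. The following is an added example, not taken from the flipIt source on GitHub or from the paper; the function names, the periodic schedules, the per-flip costs and the choice that X starts in control are all assumptions made for illustration.

```javascript
// Added example: scores one FlipIt game under the rules described above.
// Assumptions (not from the post): X holds the resource at t = 0, both players
// flip on fixed periodic schedules, and every flip costs a fixed number of points.

// Flip times of a periodic strategy: phase, phase + period, ... below horizon.
function periodicFlips(period, phase, horizon) {
  const times = [];
  for (let t = phase; t < horizon; t += period) times.push(t);
  return times;
}

// Replay both players' flips in time order and score the game.
function playFlipIt({ horizon, flipsX, flipsY, costX, costY }) {
  const moves = [
    ...flipsX.map((t) => ({ t, who: "X" })),
    ...flipsY.map((t) => ({ t, who: "Y" })),
  ].filter((m) => m.t >= 0 && m.t < horizon)
   .sort((a, b) => a.t - b.t); // stable sort: on a tie X moves first, Y ends in control

  const control = { X: 0, Y: 0 }; // time spent in control
  const flips = { X: 0, Y: 0 };   // flips played (each one is paid for)
  const wasted = { X: 0, Y: 0 };  // flips played while already in control
  let owner = "X";                // assumed initial owner
  let last = 0;

  for (const m of moves) {
    control[owner] += m.t - last; // credit whoever held the resource until now
    last = m.t;
    flips[m.who] += 1;
    if (owner === m.who) wasted[m.who] += 1; // nothing changed, cost still paid
    owner = m.who;                // the flipper always ends up in control
  }
  control[owner] += horizon - last; // final stretch up to the horizon

  const score = {
    X: control.X - costX * flips.X,
    Y: control.Y - costY * flips.Y,
  };
  return { control, flips, wasted, score };
}

// Constructed scenario: X checks every 10 time units, Y takes over every 25.
const game = playFlipIt({
  horizon: 100,
  flipsX: periodicFlips(10, 10, 100),
  flipsY: periodicFlips(25, 7, 100),
  costX: 1, costY: 4,
});
console.log(game);
```

In this constructed run five of X's nine flips land while X is already in control, which is the price of not knowing the state of the game between flips.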

Winning: How do you win a fair game of flipIt against intelligent adaptive human adversaries? I’m not sure.

In the real world, what is the best move given that the other “players” can secretly capture/corrupt your most trusted personnel/systems? Rivest suggests in his talk that you:

“Be prepared to deal with repeated total failure (loss of control).

Play fast! Aim to make opponent drop out!

Arrange game so that your moves cost much less than your opponent’s!”

I will discuss this theme of success through affordable defeat (you win if you can afford to lose many times) in my next blog entry.