Asymmetric Information Warfare: A Constant Battle of Attrition

The term Asymmetric Information Warfare is worth unpacking to understand its importance, especially for the people who prevent fraud and online abuse. It is a combination of Information Warfare and Asymmetric Warfare, and is a huge challenge to defend against.

Information Warfare and Asymmetric Warfare

The goal of Information Warfare is to create a state of information superiority over an adversary by manipulating the information that they have access to. This is so that the adversary makes decisions that are against their own interest. Online, there are many reasons for an attacker to carry out an Information Warfare attack. For example, this could be to fraudulently purchase something of value or to send valid-looking login attempts to take over a genuine customer account. In both of these examples, the result is an organization acting on faulty information to its detriment: either losing revenue or having a security breach. 

Asymmetric Warfare refers to a situation where the groups involved in the struggle are unevenly matched or have very different strategies and capabilities. Asymmetric Warfare is particularly challenging to defend against as the attacker has several advantages over the defender. The attacker can:

Choose where and when to attack, as well as the method of the attack.
Extensively plan and focus preparations on a specific attack.
In contrast, the defender must deploy considerable resources
to prepare for and defend against all plausible attack scenarios,
and must do so round the clock. 

Combining these two concepts of Asymmetric Warfare and Information Warfare creates the concept of Asymmetric Information Warfare. In the Arkose Labs context, this is the dynamic that exists between two sides:

  1. On one side we have multiple independent groups that carry out attacks using varying techniques, durations and volumes of hostile traffic.
  2. On the other side, we have a single defender (Arkose Labs) that must identify all the manipulated information in a stream of true information and prevent the hostile, manipulated information from reaching our customers.

Framed in this way, the challenge of defending against Asymmetric Information Warfare can seem insurmountable. After all, on the internet, it is a challenge to tell the difference between manipulated information and true information. A fake browser identification can be byte-for-byte identical to a legitimate identification. However, at Arkose Labs, we have two unique weapons on our side which allow us to turn the table on our attackers and help us identify and block hostile traffic. 

Advantage Arkose Labs

The first advantage is our Enforcement Challenge (EC). In order to pass the enforcement challenge, a user must solve a simple puzzle. Deploying an EC is often all we need to do to stop the attacks that use simple automation, such as bots. We have a library of puzzles of varying complexity that we can deploy if an attacker uses more complex automation, such as a human sweatshop. This allows us to take the initiative back from the attackers, and gives us the control to choose the weapon with which the battle will be fought. The weapon might, for example, be a puzzle for which it is difficult to create an automated solver, or a puzzle that requires significant investment of human time to solve. Either of these wastes the attacker’s resources and makes the process of attacking the Arkose Labs EC less profitable.

The second advantage that Arkose Labs has is that we are the only people who can see the entire chessboard. We alone have the visibility into all of the information, both manipulated and true, historical and real-time. This Continuous Intelligence is an incredibly valuable resource because an attacker must create a large volume of transactions in order to be profitable. This means that the attacker must send us a large volume of manipulated information. When we analyze the traffic to determine if the information sent to us is manipulated or true, we inspect many features of this incoming traffic. The exact composition of these features is constantly changing. For an attacker to be able to hide the manipulated information amongst the true information, they would need to know what the actual current distribution of values are for those features in the true information. Even if an attacker were able to reverse engineer and determine exactly which features we are analyzing (by itself no small feat) they cannot guess what the correct distribution of values for those features are. Moreover, if an attacker were somehow able to acquire a correct “map” of these distributions, it would immediately start to go out of date and rapidly become useless.  

A constant battle of attrition

The dual advantage of Enforcement Challenge and Continuous Intelligence enables Arkose Labs to protect some of the largest web properties in the world from Asymmetric Information Warfare attacks. At its heart, AIW is simply an evolutionary adaptation resulting from competition in the game of survival, much like antibiotic or pesticide resistance. As information leaks from us to the attackers and vice versa, we learn about how our attackers operate, just as they learn about us and our defenses. This results in successful attack and defensive techniques surviving and being reused, with unsuccessful ones discarded. It is a constant battle of attrition on ever-shifting sands, and one that Arkose Labs is uniquely positioned to be able to fight.

Comments