Cyber Camouflage Games for Strategic Deception

Thakoor, Omkar; Tambe, Milind; Vayanos, Phebe; Xu, Haifeng; Kiekintveld, Christopher; Fang, Fei

doi:10.1007/978-3-030-32430-8_31

Cited by 17 publications

(9 citation statements)

References 21 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Thakoor et al [132] introduced a general-sum game, named Cyber Camouflage Games (CCGs), to model the interactions between a defender and an attacker performing reconnaissance attacks. The defender can mask the machine in the network with fake information, such as an operating system, to mitigate the effect of reconnaissance attacks.…”

Section: Pros and Consmentioning

confidence: 99%

“…• Utility [14,15,13,12,37,49,65,73,75,81,96,97,99,101,100,106,107,111,114,122,132,133,137,141,153,155]:…”

Section: A Metricsmentioning

confidence: 99%

“…As a result, some of these studies considered the impact to normal as another cost of deception technology [114,137]. A defender's expected utility is a common metric to be maximized as the system's objective, as shown in game-theoretic or ML-based DD techniques in [5,7,65,73,75,81,85,96,100,106,107,111,122,132,133,141,153,155].…”

Section: A Metricsmentioning

confidence: 99%

See 2 more Smart Citations

Game-Theoretic and Machine Learning-based Approaches for Defensive Deception: A Survey

Zhu¹,

Anwar²,

Wan³

et al. 2021

Preprint

View full text Add to dashboard Cite

Defensive deception is a promising approach for cyberdefense. Although defensive deception is increasingly popular in the research community, there hasn't been a systematic investigation of its key components, the underlying principles, and its tradeoffs in various problem settings. This survey paper focuses on defensive deception research centered on game theory and machine learning, since these are prominent families of artificial intelligence approaches that are widely employed in defensive deception. This paper brings forth insights, lessons, and limitations from prior work. It closes with an outline of some research directions to tackle major gaps in current defensive deception research.

show abstract

Section: Pros and Consmentioning

confidence: 99%

“…• Utility [14,15,13,12,37,49,65,73,75,81,96,97,99,101,100,106,107,111,114,122,132,133,137,141,153,155]:…”

Section: A Metricsmentioning

confidence: 99%

See 1 more Smart Citation

Game-Theoretic and Machine Learning-based Approaches for Defensive Deception: A Survey

Zhu¹,

Anwar²,

Wan³

et al. 2021

Preprint

View full text Add to dashboard Cite

show abstract

“…Among the rich literature of Stackelberg security games (SSGs) (Tambe 2011;Bucarey et al 2017), SSGs with realtime information have been studied recently. Some recent work in deception for cybersecurity, such as (Cooney et al 2019;Thakoor et al 2019), considers strategic signaling with boundedly rational attackers and attackers with different objectives and abilities, but no sensing is required to identify attackers; rather, the systems may interact with both normal and adversarial users. Some other work relies on human patrollers for real-time information (Zhang et al 2019;Wang et al 2019), and others rely on sensors that can notify the patroller when an opponent is detected (de Cote et al 2013;Basilico, De Nittis, and Gatti 2015;De Nittis and Gatti 2018).…”

Section: Related Workmentioning

confidence: 99%

To Signal or Not To Signal: Exploiting Uncertain Real-Time Information in Signaling Games for Security and Sustainability

Bondi

et al. 2020

AAAI

Self Cite

View full text Add to dashboard Cite

Motivated by real-world deployment of drones for conservation, this paper advances the state-of-the-art in security games with signaling. The well-known defender-attacker security games framework can help in planning for such strategic deployments of sensors and human patrollers, and warning signals to ward off adversaries. However, we show that defenders can suffer significant losses when ignoring real-world uncertainties despite carefully planned security game strategies with signaling. In fact, defenders may perform worse than forgoing drones completely in this case. We address this shortcoming by proposing a novel game model that integrates signaling and sensor uncertainty; perhaps surprisingly, we show that defenders can still perform well via a signaling strategy that exploits uncertain real-time information. For example, even in the presence of uncertainty, the defender still has an informational advantage in knowing that she has or has not actually detected the attacker; and she can design a signaling scheme to “mislead” the attacker who is uncertain as to whether he has been detected. We provide theoretical results, a novel algorithm, scale-up techniques, and experimental results from simulation based on our ongoing deployment of a conservation drone system in South Africa.

show abstract

“…Security games [24,15] are another class of important models for resource allocation in adversarial environments. In [25], the authors formulate a security game (Stackelberg game) to allocate limited decoy resources in a cybernetwork to mask network configurations from the attacker. This class of deception manipulates the adversary's perception of the payoffs and thus causes the adversary to take (or not to take) certain actions that aid the objective of the defender.…”

Section: Introductionmentioning

confidence: 99%

Decoy Allocation Games on Graphs with Temporal Logic Objectives

Kulkarni¹,

Fu²,

Luo³

et al. 2020

Preprint

View full text Add to dashboard Cite

We study a class of games, in which the adversary (attacker) is to satisfy a complex mission specified in linear temporal logic, and the defender is to prevent the adversary from achieving its goal. A deceptive defender can allocate decoys, in addition to defense actions, to create disinformation for the attacker. Thus, we focus on the problem of jointly synthesizing a decoy placement strategy and a deceptive defense strategy that maximally exploits the incomplete information the attacker about the decoy locations. We introduce a model of hypergames on graphs with temporal logic objectives to capture such adversarial interactions with asymmetric information. Using the hypergame model, we analyze the effectiveness of a given decoy placement, quantified by the set of deceptive winning states where the defender can prevent the attacker from satisfying the attack objective given its incomplete information about decoy locations. Then, we investigate how to place decoys to maximize the defender's deceptive winning region. Considering the large search space for all possible decoy allocation strategies, we incorporate the idea of compositional synthesis from formal methods and show that the objective function in the class of decoy allocation problem is monotone and nondecreasing. We derive the sufficient conditions under which the objective function for the decoy allocation problem is submodular, or supermodular, respectively. We show a sub-optimal allocation can be efficiently computed by iteratively composing the solutions of hypergames with a subset of decoys and the solution of a hypergame given a single decoy. We use a running example to illustrate the proposed method.

show abstract

Cyber Camouflage Games for Strategic Deception

Cited by 17 publications

References 21 publications

Game-Theoretic and Machine Learning-based Approaches for Defensive Deception: A Survey

Game-Theoretic and Machine Learning-based Approaches for Defensive Deception: A Survey

To Signal or Not To Signal: Exploiting Uncertain Real-Time Information in Signaling Games for Security and Sustainability

Decoy Allocation Games on Graphs with Temporal Logic Objectives

Contact Info

Product

Resources

About