Game Theoretic Cyber Deception to Foil Adversarial Network Reconnaissance

Schlenker, Aaron; Thakoor, Omkar; Xu, Haifeng; Fang, Fei; Tambe, Milind; Vayanos, Phebe

doi:10.1007/978-3-030-33432-1_9

Cited by 14 publications

(20 citation statements)

References 19 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…2. For this 20-node network, the defender has 10 actions for honeypot allocations including (6,12), (5,11), (16,19), (11,15), (0,5), (16,20), (12,16), (0,6), Fig. 2: Network topology consists of 20 nodes, with entry nodes represented in blue, target nodes in red, and intermediate nodes in yellow.…”

Section: Numerical Resultsmentioning

confidence: 99%

“…Game theoretic defensive deception [13] has been widely discussed in cybersecurity research. Authors in [14] presented a deception game for a defender who chooses a deception in response to the attacker's observation, while the attacker is unaware or aware of the deception. Authors in [15,5] proposed a signaling game based model to develop a honeypot defense system against DoS attacks.…”

Section: Cyber Deception Gtmentioning

confidence: 99%

“…In cybersecurity research, game theoretic defensive deception has been extensively addressed. Schlenker et al [11] propose a deception game for defender who decides on deception in response to the attacker's observation while the attacker is either uninformed of the deceit or aware of it. The comprehensive game model of hypergame theory [12] has been used to simulate the many subjective viewpoints of participants in uncertain situations.…”

Section: Game Theoretic Deceptionmentioning

confidence: 99%

See 2 more Smart Citations

Cyber Deception Against Zero-Day Attacks: A Game Theoretic Approach

Sayed

Anwar

Kiekintveld

et al. 2023

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Reconnaissance activities precedent other attack steps in the cyber kill chain. Zero-day attacks exploit unknown vulnerabilities and give attackers the upper hand against conventional defenses. Honeypots have been used to deceive attackers by misrepresenting the true state of the network. Existing work on cyber deception does not model zero-day attacks. In this paper, we address the question of "How to allocate honeypots over the network?" to protect its most valuable assets. To this end, we develop a two-player zero-sum game theoretic approach to study the potential reconnaissance tracks and attack paths that attackers may use. However, zero-day attacks allow attackers to avoid placed honeypots by creating new attack paths. Therefore, we introduce a sensitivity analysis to investigate the impact of different zero-day vulnerabilities on the performance of the proposed deception technique. Next, we propose several mitigating strategies to defend the network against zero-day attacks based on this analysis. Finally, our numerical results validate our findings and illustrate the effectiveness of the proposed defense approach.

show abstract

Section: Numerical Resultsmentioning

confidence: 99%

Section: Cyber Deception Gtmentioning

confidence: 99%

Section: Game Theoretic Deceptionmentioning

confidence: 99%

See 1 more Smart Citation

Cyber Deception Against Zero-Day Attacks: A Game Theoretic Approach

Sayed

Anwar

Kiekintveld

et al. 2023

Lecture Notes in Computer Science

View full text Add to dashboard Cite

show abstract

“…e term discount expresses the assumption that a person does not value current and future returns equally. Parameter δ is the discount rate of an individual [18]. e closer δ is to 0, the less the individual values a future versus a present performance.…”

Section: Proposed Game Strategymentioning

confidence: 99%

Applications of Game Theory and Advanced Machine Learning Methods for Adaptive Cyberdefense Strategies in the Digital Music Industry

Jing¹

2022

Computational Intelligence and Neuroscience

View full text Add to dashboard Cite

As the likelihood and impact of cyber-attacks continue to grow, organizations realize the need to invest in specialized methods to protect their digital data and the information they circulate or manage. Due to its broad use, game theory has evolved into a concept that can be applied practically while analyzing and modifying existing cyber protection methods to arrive at the best possible conclusions. This study presents an innovative hybrid model that combines game theory and advanced machine learning methods for adaptive cyber defense strategies. Specifically, a repetitive game methodology is implemented to analyze cyber-attacks and model behaviors and study how defenders and attackers make decisions in a competing field. Based on Bayesian inference, the proposed method can predict the next steps in the game to produce the appropriate countermeasures and implement the best cyber defense strategies that govern an organization. The suggested system introduced to the academic literature for the first time was successfully tested in a particular application scenario involving the digital music industry and coping with impending cyber-attacks.

show abstract

“…Hidden information has been allowed on the part of the defender or the attacker in security games (Yin and Tambe, 2012; Xu et al., 2015, 2016; Schlenker et al., 2018; Gan et al., 2019). In this paper, we incorporate hidden information in the terror response facility location problem under disruption risk, to explain explicitly the effects of the defender's secret strategies against the adaptive adversary on the optimal solution compared to the fully disclosed case.…”

Section: Introductionmentioning

confidence: 99%

A game‐theoretic approach for the location of terror response facilities with both disruption risk and hidden information

Gan

et al. 2020

Int Trans Operational Res

View full text Add to dashboard Cite

Recently, locating emergency response facilities has been drawing increasing attention with the highly strategic nature of terrorist attacks. To this end, we present a game‐theoretic approach for the location of terror response facilities when both disruption risk and hidden information are taken into account. The game is described as a two‐stage game, in which the first stage allows the State, that is, defender, to locate the terror response facilities, including disclosed and undisclosed facilities, and assign them to the attacked city, while the second stage allows the terrorist, that is, attacker, to select one city to attack with partial information about facility location and assignment. We propose a mixed integer bi‐level nonlinear programming formulation, and in response, a heuristic algorithm is developed to find the equilibrium solution. Extensive computational tests on both synthetic data and a real‐world dataset of provincial capital cities in China demonstrate the effectiveness of the developed algorithm.

show abstract

Game Theoretic Cyber Deception to Foil Adversarial Network Reconnaissance

Cited by 14 publications

References 19 publications

Cyber Deception Against Zero-Day Attacks: A Game Theoretic Approach

Cyber Deception Against Zero-Day Attacks: A Game Theoretic Approach

Applications of Game Theory and Advanced Machine Learning Methods for Adaptive Cyberdefense Strategies in the Digital Music Industry

A game‐theoretic approach for the location of terror response facilities with both disruption risk and hidden information

Contact Info

Product

Resources

About