Game Theory on Attack Graph for Cyber Deception

“…Various honeypot allocation methods for deception over attack graphs have been studied based on game theoretic approaches that considers uncertainty using partially observable MDP (POMDP) and stochastic games (POSG) [14,78]. Anwar et al [15] developed a static game model to protect a connected graph of targeted nodes against an attacker through honeypot placements based on node features and significance.…”

“…• Node or device compromise [2,3,12,13,14,15,23,24,30,58,63,65,73,81,87,99,100,104,106,111,135,141]: Some research does not specify the details of attack process. The authors only use "device compromising" to represent an attack.…”

“…The authors only use "device compromising" to represent an attack. Some research discusses that an attacker can probe a target before attacking [2,3,12,13,14,15,63,65,81,87,99,100,111,135,141] while others only discuss the attacking actions [23,24,30,58,73,104,106].…”

“…A signaling game is also considered with a perfect Bayesian equilibrium to model the interactions between an attacker and defender [40]. IoTs in battlefields is referred to IoBTs where deception games introduced in [14,15,13,12,23,99,141] 4) Pros and Cons: Since honeypots are fake nodes mimicking the behavior of a regular node, adding a honeypot won't change the hierarchy of the IoT network or the interface of IoT gateways. A game-theoretic honeypot technique is the only technique applied to this domain.…”

“…• Utility [14,15,13,12,37,49,65,73,75,81,96,97,99,101,100,106,107,111,114,122,132,133,137,141,153,155]:…”

Game-Theoretic and Machine Learning-based Approaches for Defensive Deception: A Survey

“…Various honeypot allocation methods for deception over attack graphs have been studied based on game theoretic approaches that considers uncertainty using partially observable MDP (POMDP) and stochastic games (POSG) [14,78]. Anwar et al [15] developed a static game model to protect a connected graph of targeted nodes against an attacker through honeypot placements based on node features and significance.…”

“…• Node or device compromise [2,3,12,13,14,15,23,24,30,58,63,65,73,81,87,99,100,104,106,111,135,141]: Some research does not specify the details of attack process. The authors only use "device compromising" to represent an attack.…”

“…The authors only use "device compromising" to represent an attack. Some research discusses that an attacker can probe a target before attacking [2,3,12,13,14,15,63,65,81,87,99,100,111,135,141] while others only discuss the attacking actions [23,24,30,58,73,104,106].…”

“…A signaling game is also considered with a perfect Bayesian equilibrium to model the interactions between an attacker and defender [40]. IoTs in battlefields is referred to IoBTs where deception games introduced in [14,15,13,12,23,99,141] 4) Pros and Cons: Since honeypots are fake nodes mimicking the behavior of a regular node, adding a honeypot won't change the hierarchy of the IoT network or the interface of IoT gateways. A game-theoretic honeypot technique is the only technique applied to this domain.…”

“…• Utility [14,15,13,12,37,49,65,73,75,81,96,97,99,101,100,106,107,111,114,122,132,133,137,141,153,155]:…”

Game-Theoretic and Machine Learning-based Approaches for Defensive Deception: A Survey

Ubiquitous Technical Surveillance: A Ubiquitous Intelligence Community Issue

Cyber Deception using Honeypot Allocation and Diversity: A Game Theoretic Approach