Learning to Signal in the Goldilocks Zone: Improving Adversary Compliance in Security Games

Cooney, Sarah; Wang, Kai; Bondi, Elizabeth; Nguyen, Thanh H.; Vayanos, Phebe; Winetrobe, Hailey; Cranford, Edward A.; González, Cleotilde; Lebière, Christian; Tambe, Milind

doi:10.1007/978-3-030-46150-8_42

Cited by 12 publications

(8 citation statements)

References 18 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…For a majority of participants, those that attacked greater than 95% of the time, rebuilding that belief was difficult, if not impossible, because the effects of a positive outcome can persist long enough, through confirmation bias, until another positive outcome is experienced to reinforce their behavior. For cybersecurity, it is important to understand these human biases to construct effective defenses that can account for human bounded rationality and find the optimal rate of signaling (Cooney et al., 2019).…”

Section: Discussionmentioning

confidence: 99%

“…When the signal is absent, players may attack with impunity. Therefore, research has begun to investigate the possible benefits of a defense signaling scheme that adds deception when a target is monitored by sometimes refraining from sending a signal (Cooney et al., 2019; Cranford et al., 2020a). If signals were always truthful, attackers would likely always comply because there is no evidence that attacking given a signal would result in a reward.…”

Section: Discussionmentioning

confidence: 99%

“…Research is currently underway to find the optimal combination of bluffing and truth-telling that minimizes attacks on uncovered targets for boundedly rational humans. For example, we have developed game-theoretic models of signaling, and also of masking, that use machine learning methods to predict the likelihood of an attack in particular situations using real human data to inform the design of the defense strategy (Aggarwal et al, 2020;Cooney et al, 2019;Thakoor et al, 2020). Meanwhile, in other research, we have developed techniques that use the present IBL model to predict human behavior in real time to adapt the signaling scheme to the individual user (Cranford et al, 2020a(Cranford et al, , 2020b.…”

Section: Discussionmentioning

confidence: 99%

“…Our methods involve a combination of game theoretical defense and signaling algorithms, cognitive modeling for representing attacker's behavior, and human laboratory studies to gain a better understanding of attacker behavior playing against the different defense strategies (Gonzalez et al., 2020). The present research advances the psychology of deception through understanding the cognitive processes involved in making decisions in the face of deceptive signals and the emergent biases that affect those decisions, leading to better signaling algorithms for defense against boundedly rational humans (see Cooney et al., 2019).…”

Section: Game‐theoretic Models Signaling and Securitymentioning

confidence: 99%

See 3 more Smart Citations

Towards a Cognitive Theory of Cyber Deception

et al. 2021

Self Cite

View full text Add to dashboard Cite

This work is an initial step toward developing a cognitive theory of cyber deception. While widely studied, the psychology of deception has largely focused on physical cues of deception. Given that present-day communication among humans is largely electronic, we focus on the cyber domain where physical cues are unavailable and for which there is less psychological research. To improve cyber defense, researchers have used signaling theory to extended algorithms developed for the optimal allocation of limited defense resources by using deceptive signals to trick the human mind. However, the algorithms are designed to protect against adversaries that make perfectly rational decisions. In behavioral experiments using an abstract cybersecurity game (i.e., Insider Attack Game), we examined human decision-making when paired against the defense algorithm. We developed an instance-based learning (IBL) model of an attacker using the Adaptive Control of Thought-Rational (ACT-R) cognitive architecture to investigate how humans make decisions under deception in cyber-attack scenarios. Our results show that the defense algorithm is more effective at reducing the probability of attack and protecting assets when using deceptive signaling, compared to no signaling, but is less effective than predicted against a perfectly rational adversary. Also, the IBL model replicates human attack decisions accurately. The IBL model shows how human decisions arise from experience, and how memory retrieval dynamics can give rise to cognitive biases, such as confirmation bias. The implications of these findings are discussed in the perspective of informing theories of deception and designing more effective signaling schemes that consider human bounded rationality.

show abstract

Section: Discussionmentioning

confidence: 99%

Section: Discussionmentioning

confidence: 99%

Section: Discussionmentioning

confidence: 99%

Section: Game‐theoretic Models Signaling and Securitymentioning

confidence: 99%

See 2 more Smart Citations

Towards a Cognitive Theory of Cyber Deception

et al. 2021

Self Cite

View full text Add to dashboard Cite

show abstract

“…Among the rich literature of Stackelberg security games (SSGs) (Tambe 2011;Bucarey et al 2017), SSGs with realtime information have been studied recently. Some recent work in deception for cybersecurity, such as (Cooney et al 2019;Thakoor et al 2019), considers strategic signaling with boundedly rational attackers and attackers with different objectives and abilities, but no sensing is required to identify attackers; rather, the systems may interact with both normal and adversarial users. Some other work relies on human patrollers for real-time information (Zhang et al 2019;Wang et al 2019), and others rely on sensors that can notify the patroller when an opponent is detected (de Cote et al 2013;Basilico, De Nittis, and Gatti 2015;De Nittis and Gatti 2018).…”

Section: Related Workmentioning

confidence: 99%

To Signal or Not To Signal: Exploiting Uncertain Real-Time Information in Signaling Games for Security and Sustainability

Bondi

et al. 2020

AAAI

Self Cite

View full text Add to dashboard Cite

Motivated by real-world deployment of drones for conservation, this paper advances the state-of-the-art in security games with signaling. The well-known defender-attacker security games framework can help in planning for such strategic deployments of sensors and human patrollers, and warning signals to ward off adversaries. However, we show that defenders can suffer significant losses when ignoring real-world uncertainties despite carefully planned security game strategies with signaling. In fact, defenders may perform worse than forgoing drones completely in this case. We address this shortcoming by proposing a novel game model that integrates signaling and sensor uncertainty; perhaps surprisingly, we show that defenders can still perform well via a signaling strategy that exploits uncertain real-time information. For example, even in the presence of uncertainty, the defender still has an informational advantage in knowing that she has or has not actually detected the attacker; and she can design a signaling scheme to “mislead” the attacker who is uncertain as to whether he has been detected. We provide theoretical results, a novel algorithm, scale-up techniques, and experimental results from simulation based on our ongoing deployment of a conservation drone system in South Africa.

show abstract