Scalable Algorithms for Identifying Stealthy Attackers in a Game‐Theoretic Framework Using Deception

“…Kulkarni et al [85], Milani et al [96], Tsemogne et al [133] investigated game-theoretic cyberdeception techniques played on attack graphs. Kulkarni et al [85], Basak et al [23] formulated a deception game to place decoy devices to deceive and trap an attacker and proposed a greedy algorithm to solve the developed game. Milani et al [96] developed a Stackelberg game to allocated defensive resources and manipulate a generated attack graph.…”

“…• Node or device compromise [2,3,12,13,14,15,23,24,30,58,63,65,73,81,87,99,100,104,106,111,135,141]: Some research does not specify the details of attack process. The authors only use "device compromising" to represent an attack.…”

“…The authors only use "device compromising" to represent an attack. Some research discusses that an attacker can probe a target before attacking [2,3,12,13,14,15,63,65,81,87,99,100,111,135,141] while others only discuss the attacking actions [23,24,30,58,73,104,106].…”

“…A signaling game is also considered with a perfect Bayesian equilibrium to model the interactions between an attacker and defender [40]. IoTs in battlefields is referred to IoBTs where deception games introduced in [14,15,13,12,23,99,141] 4) Pros and Cons: Since honeypots are fake nodes mimicking the behavior of a regular node, adding a honeypot won't change the hierarchy of the IoT network or the interface of IoT gateways. A game-theoretic honeypot technique is the only technique applied to this domain.…”

“…• Detection accuracy [1,21,24,23,27,32,45,60,88 [45] used an algorithm to discover fake Liker in social networks. The authors in [27,32,143] evaluated a masquerade attack detector based on AUC.…”

Game-Theoretic and Machine Learning-based Approaches for Defensive Deception: A Survey

“…Kulkarni et al [85], Milani et al [96], Tsemogne et al [133] investigated game-theoretic cyberdeception techniques played on attack graphs. Kulkarni et al [85], Basak et al [23] formulated a deception game to place decoy devices to deceive and trap an attacker and proposed a greedy algorithm to solve the developed game. Milani et al [96] developed a Stackelberg game to allocated defensive resources and manipulate a generated attack graph.…”

“…• Node or device compromise [2,3,12,13,14,15,23,24,30,58,63,65,73,81,87,99,100,104,106,111,135,141]: Some research does not specify the details of attack process. The authors only use "device compromising" to represent an attack.…”

“…The authors only use "device compromising" to represent an attack. Some research discusses that an attacker can probe a target before attacking [2,3,12,13,14,15,63,65,81,87,99,100,111,135,141] while others only discuss the attacking actions [23,24,30,58,73,104,106].…”

“…A signaling game is also considered with a perfect Bayesian equilibrium to model the interactions between an attacker and defender [40]. IoTs in battlefields is referred to IoBTs where deception games introduced in [14,15,13,12,23,99,141] 4) Pros and Cons: Since honeypots are fake nodes mimicking the behavior of a regular node, adding a honeypot won't change the hierarchy of the IoT network or the interface of IoT gateways. A game-theoretic honeypot technique is the only technique applied to this domain.…”

“…• Detection accuracy [1,21,24,23,27,32,45,60,88 [45] used an algorithm to discover fake Liker in social networks. The authors in [27,32,143] evaluated a masquerade attack detector based on AUC.…”

Game-Theoretic and Machine Learning-based Approaches for Defensive Deception: A Survey