SOD2G: A Study on a Social-Engineering Organizational Defensive Deception Game Framework through Optimization of Spatiotemporal MTD and Decoy Conflict

Seo, Sang; Kim, Do-Hoon

doi:10.3390/electronics10233012

Cited by 7 publications

(7 citation statements)

References 46 publications

(64 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Out of the above-mentioned related works, refs. [18,20,53,54,56,57] among previous game theory studies and [64,66] among previous IoT-enabled MTD studies provided the main inspirations for this study. Accordingly, to alleviate the above-mentioned limitations, we proposed IoDM, a systematic IoT deception model based on PBNE and BSSG and a partial signaling-based general sum game foreground and a POMDP state-transition background.…”

Section: Taxonomy Analysis By Previous Studies For Proposed Modelmentioning

confidence: 88%

“…As a follow-up study, Li et al [55] proposed a Markov Stackelberg game together with optimization formulas based on the average-cost semi-Markov decision process (SMDP) and the discrete time Markov decision process (DTMDP) to produce the defender's spatiotemporal MTD mutation decision-making process against advanced attackers. Seo et al [56,57] proposed an active cognitive disturbance function not influenced by the existing MTD concept and combined it with a social engineering decoy sandbox layered in the form of organizational open-source intelligence (OSINT) to form defensive deception concepts optimized for actual organizational operational goals. Based on these previous studies, a real-time attack-defense competition in an organizational environment with limited resources could be simulated and multi-staged deceptive decision-making processes could also be modeled depending on the scenario.…”

Section: Game-enabled Defensive Deception Techniques With Mtdmentioning

confidence: 99%

“…The IoT-enabled organizational MTD is therefore defined to be centered on the Bellman value iteration-based IoT-based mutation sampling (VS) for adaptive MTD configuration according to changes in attack actions together with the perturbation (P) to asymmetrically assign noises to the attacker's cognitive directivity and is configured as shown in Equations ( 1) and (2), respectively [56,57]:…”

Section: Iot-enabled Mtd and Decoy-based Deception Processmentioning

confidence: 99%

“…However, it is hierarchically configured based on the IoT network and host layer so that only legitimate users can identify it, and it is dynamically signaled under the leadership of the defender based on the internal rule table. The OS is a set of actual IoT specification information groups that are referred to in order to minimize attackers' suspicion about the defender's maneuver based on artificial disclosure and disinformation, and acts to configure deceptive perturbation through L while improving the deception efficiency of the generated L and The IoT-enabled organizational MTD is therefore defined to be centered on the Bellman value iteration-based IoT-based mutation sampling (VS) for adaptive MTD configuration according to changes in attack actions together with the perturbation (P) to asymmetrically assign noises to the attacker's cognitive directivity and is configured as shown in Equations ( 1) and (2), respectively [56,57]:…”

Section: Iot-enabled Mtd and Decoy-based Deception Processmentioning

confidence: 99%

See 3 more Smart Citations

IoDM: A Study on a IoT-Based Organizational Deception Modeling with Adaptive General-Sum Game Competition

Seo

Kim

2022

Electronics

Self Cite

View full text Add to dashboard Cite

Moving target defense (MTD) and decoy strategies, measures of active defense, were introduced to secure both the proactive security and reactive adaptability of internet-of-things (IoT) networks that have been explosively applied to various industries without any strong security measures and to mitigate the side effects of threats. However, the existing MTD and decoy strategies are limited to avoiding the attacker’s reconnaissance and initial intrusion attempts through simple structural mutations or inducing the attackers to a static trap based on the deceptive path and lack approaches to adaptively optimize IoT in consideration of the unique characteristic information by the domain of IoT. Game theory-based and decoy strategies are other options; however, they do not consider the dynamicity and uncertainty of the decision-making stages by the organizational agent related to the IoT domains. Therefore, in this paper, we present a type of organizational deception modeling, namely IoT-based organizational deception modeling (IoDM), which considers both the dynamic topologies and organizational business fingerprints customized in the IoT domain and operational purpose. For this model, we considered the practical scalability of the existing IoT-enabled MTD and decoy concepts and formulated the partially incomplete deceptive decision-making modeling for the cyber-attack and defense competition for IoT in real-time based on the general-sum game. According to our experimental results, the efficiency of the deceptive defense of the IoT defender could be improved by 70% on average while deriving the optimal defense cost compared to the increased defense performance. The findings of this study will improve the deception performances of MTD and decoy strategies by IoT scenarios related to various operational domains such as smart home networks, industrial networks, and medical networks. To the best of our knowledge, this study has employed social-engineering IoT knowledge and general-sum game theory for the first time.

show abstract

Section: Taxonomy Analysis By Previous Studies For Proposed Modelmentioning

confidence: 88%

Section: Game-enabled Defensive Deception Techniques With Mtdmentioning

confidence: 99%

Section: Iot-enabled Mtd and Decoy-based Deception Processmentioning

confidence: 99%

Section: Iot-enabled Mtd and Decoy-based Deception Processmentioning

confidence: 99%

See 2 more Smart Citations

IoDM: A Study on a IoT-Based Organizational Deception Modeling with Adaptive General-Sum Game Competition

Seo

Kim

2022

Electronics

Self Cite

View full text Add to dashboard Cite

show abstract

“…Deception-based defenses are potent weapons that have been proven to work in various domains. Their efficacy is based on the fact that they are programmed to exploit key biases to appear realistic but misleading substitutes to the hidden reality [ 79 , 80 , 81 , 82 , 83 , 84 , 85 , 86 , 87 , 88 , 89 , 90 , 91 , 92 , 93 , 94 , 95 , 96 , 97 , 98 , 99 , 100 , 101 , 102 , 103 , 104 , 105 , 106 , 107 , 108 ]. As a result, one will require a thorough understanding of both offensive and defensive trickery to implement a perfect Deception strategy.…”

Section: Discussionmentioning

confidence: 99%

Leveraging Computational Intelligence Techniques for Defensive Deception: A Review, Recent Advances, Open Problems and Future Directions

Mohan

Dixit

Gyaneshwar

et al. 2022

Sensors

View full text Add to dashboard Cite

With information systems worldwide being attacked daily, analogies from traditional warfare are apt, and deception tactics have historically proven effective as both a strategy and a technique for Defense. Defensive Deception includes thinking like an attacker and determining the best strategy to counter common attack strategies. Defensive Deception tactics are beneficial at introducing uncertainty for adversaries, increasing their learning costs, and, as a result, lowering the likelihood of successful attacks. In cybersecurity, honeypots and honeytokens and camouflaging and moving target defense commonly employ Defensive Deception tactics. For a variety of purposes, deceptive and anti-deceptive technologies have been created. However, there is a critical need for a broad, comprehensive and quantitative framework that can help us deploy advanced deception technologies. Computational intelligence provides an appropriate set of tools for creating advanced deception frameworks. Computational intelligence comprises two significant families of artificial intelligence technologies: deep learning and machine learning. These strategies can be used in various situations in Defensive Deception technologies. This survey focuses on Defensive Deception tactics deployed using the help of deep learning and machine learning algorithms. Prior work has yielded insights, lessons, and limitations presented in this study. It culminates with a discussion about future directions, which helps address the important gaps in present Defensive Deception research.

show abstract

Decoding the Human Element in APT Attacks: Unveiling Attention Diversion Techniques in Cyber-Physical System Security

Akbarzadeh,

Erdodi,

Houmb

et al. 2024

HCI for Cybersecurity, Privacy and Trust

View full text Add to dashboard Cite

SOD2G: A Study on a Social-Engineering Organizational Defensive Deception Game Framework through Optimization of Spatiotemporal MTD and Decoy Conflict

Cited by 7 publications

References 46 publications

IoDM: A Study on a IoT-Based Organizational Deception Modeling with Adaptive General-Sum Game Competition

IoDM: A Study on a IoT-Based Organizational Deception Modeling with Adaptive General-Sum Game Competition

Leveraging Computational Intelligence Techniques for Defensive Deception: A Review, Recent Advances, Open Problems and Future Directions

Decoding the Human Element in APT Attacks: Unveiling Attention Diversion Techniques in Cyber-Physical System Security

Contact Info

Product

Resources

About