Visible to the public Biblio

Filters: Keyword is game theory  [Clear All Filters]
2019-09-24
Schlenker, Aaron, Thakoor, Omkar, Xu, Haifeng, Fang, Fei, Tambe, Milind, Tran-Thanh, Long, Vayanos, Phebe, Vorobeychik, Yevgeniy.  2018.  Deceiving Cyber Adversaries: A Game Theoretic Approach. Proceedings of the 17th International Conference on Autonomous Agents and MultiAgent Systems. :892–900.

An important way cyber adversaries find vulnerabilities in mod- ern networks is through reconnaissance, in which they attempt to identify configuration specifics of network hosts. To increase un- certainty of adversarial reconnaissance, the network administrator (henceforth, defender) can introduce deception into responses to network scans, such as obscuring certain system characteristics.  We introduce a novel game-theoretic model of deceptive interactions of this kind between a defender and a cyber attacker, which we call the Cyber Deception Game. We consider both a powerful (rational) attacker, who is aware of the defender’s exact deception strategy, and a naive attacker who is not. We show that computing the optimal deception strategy is NP-hard for both types of attackers. For the case with a powerful attacker, we provide a mixed-integer linear program solution as well as a fast and effective greedy algorithm. Similarly, we provide complexity results and propose exact and heuristic approaches when the attacker is naive. Our extensive experimental analysis demonstrates the effectiveness of our approaches.

2019-09-20
Sunny Fugate, Kimberly Ferguson-Walter.  2019.  Artificial Intelligence and Game Theory Models for Defending Critical Networks with Cyber Deception. AI Magazine. 40(1):49-62.

Traditional cyber security techniques have led to an asymmetric disadvantage for defenders. The defender must detect all possible threats at all times from all attackers and defend all systems against all possible exploitation. In contrast, an attacker needs only to find a single path to the defender's critical information. In this article, we discuss how this asymmetry can be rebalanced using cyber deception to change the attacker's perception of the network environment, and lead attackers to false beliefs about which systems contain critical information or are critical to a defender's computing infrastructure. We introduce game theory concepts and models to represent and reason over the use of cyber deception by the defender and the effect it has on attackerperception. Finally, we discuss techniques for combining artificial intelligence algorithms with game theory models to estimate hidden states of the attacker using feedback through payoffs to learn how best to defend the system using cyber deception. It is our opinion that adaptive cyber deception is a necessary component of future information systems and networks. The techniques we present can simultaneously decrease the risks and impacts suffered by defenders and dramatically increase the costs and risks of detection for attackers. Such techniques are likely to play a pivotal role in defending national and international security concerns.

2019-09-12
Kimberly Ferguson-Walter, Sunny Fugate, Justin Mauger, Maxine Major.  2019.  Game Theory for Adaptive Defensive Cyber Deception. ACM Digital Library.

As infamous hacker Kevin Mitnick describes in his book The Art of Deception, "the human factor is truly security's weakest link". Deception has been widely successful when used by hackers for social engineering and by military strategists in kinetic warfare [26]. Deception affects the human's beliefs, decisions, and behaviors. Similarly, as cyber defenders, deception is a powerful tool that should be employed to protect our systems against humans who wish to penetrate, attack, and harm them.