Deceiving Cyber Adversaries: A Game Theoretic Approach

Title: Deceiving Cyber Adversaries: A Game Theoretic Approach
Publication Type: Conference Paper
Year of Publication: 2018
Authors: Schlenker, Aaron; Thakoor, Omkar; Xu, Haifeng; Fang, Fei; Tambe, Milind; Tran-Thanh, Long; Vayanos, Phebe; Vorobeychik, Yevgeniy
Conference Name: Proceedings of the 17th International Conference on Autonomous Agents and MultiAgent Systems
Publisher: International Foundation for Autonomous Agents and Multiagent Systems
Conference Location: Stockholm, Sweden
Keywords: Cognitive Security in Cyber, Cognitive Security, cyber security, game theory, security games
Abstract

An important way cyber adversaries find vulnerabilities in modern networks is through reconnaissance, in which they attempt to identify configuration specifics of network hosts. To increase uncertainty of adversarial reconnaissance, the network administrator (henceforth, defender) can introduce deception into responses to network scans, such as obscuring certain system characteristics. We introduce a novel game-theoretic model of deceptive interactions of this kind between a defender and a cyber attacker, which we call the Cyber Deception Game. We consider both a powerful (rational) attacker, who is aware of the defender's exact deception strategy, and a naive attacker who is not. We show that computing the optimal deception strategy is NP-hard for both types of attackers. For the case with a powerful attacker, we provide a mixed-integer linear program solution as well as a fast and effective greedy algorithm. Similarly, we provide complexity results and propose exact and heuristic approaches when the attacker is naive. Our extensive experimental analysis demonstrates the effectiveness of our approaches.

URL: http://dl.acm.org/citation.cfm?id=3237383.3237833
Citation Key: Schlenker:2018:DCA:3237383.3237833