Game-Theoretic Analysis of Cyber Deception: Evidence-Based Strategies and Dynamic Risk Mitigation

Deception is a technique to mislead human or computer systems by manipulating beliefs and information. For applications of cyber deception, non-cooperative games are a natural choice of model: they capture the adversarial interactions between the players and quantitatively characterize their conflicting incentives and strategic responses. In this chapter, we provide an overview of deception games in three different environments and extend the baseline signaling game models to include evidence obtained through side-channel knowledge acquisition, in order to capture the information asymmetry, dynamics, and strategic behaviors of deception. We first analyze deception in a binary information space, based on a signaling game framework with a detector that gives off probabilistic evidence of the deception when the sender acts deceptively. We then focus on a class of continuous one-dimensional information spaces and take into account the cost of deception in the signaling game. Finally, we explore a multi-stage incomplete-information Bayesian game model of defensive deception against advanced persistent threats (APTs). We use the perfect Bayesian Nash equilibrium (PBNE) as the solution concept for the deception games and analyze the strategic equilibrium behaviors of both the deceivers and the deceivees.
