Deception by Design: Evidence-Based Signaling Games for Network Defense

Deception plays a critical role in the financial industry, online markets, national defense, and countless other areas. Understanding and harnessing deception - especially in cyberspace - is both crucial and difficult. Recent work in this area has used game theory to study the roles of incentives and rational behavior. Building upon this work, we employ a game-theoretic model for the purpose of mechanism design. Specifically, we study a defensive use of deception: implementation of honeypots for network defense. How does the design problem change when an adversary develops the ability to detect honeypots? We analyze two models: cheap-talk games and an augmented version of those games that we call cheap-talk games with evidence, in which the receiver can detect deception with some probability. Our first contribution is this new model for deceptive interactions. We show that the model includes traditional signaling games and complete information games as special cases. We also demonstrate numerically that deception detection sometimes eliminate pure-strategy equilibria. Finally, we present the surprising result that the utility of a deceptive defender can sometimes increase when an adversary develops the ability to detect deception. These results apply concretely to network defense. They are also general enough for the large and critical body of strategic interactions that involve deception.

[1]  Claire Cardie,et al.  Finding Deceptive Opinion Spam by Any Stretch of the Imagination , 2011, ACL.

[2]  Neal Krawetz,et al.  Anti-honeypot technology , 2004, IEEE Security & Privacy Magazine.

[3]  Daniel Grosu,et al.  A Game Theoretic Investigation of Deception in Network Security , 2009, ICCCN.

[4]  Aldert Vrij,et al.  Eliciting cues to deception and truth: What matters are the questions asked , 2012 .

[5]  Quanyan Zhu,et al.  A Dynamic Bayesian Security Game Framework for Strategic Defense Mechanism Design , 2014, GameSec.

[6]  A. Vrij,et al.  ‘Look into my eyes’: can an instruction to maintain eye contact facilitate lie detection? , 2010 .

[7]  B. Depaulo,et al.  Individual differences in judging deception: accuracy and bias. , 2008, Psychological bulletin.

[8]  T. Basar,et al.  A game theoretic approach to decision and analysis in network intrusion detection , 2003, 42nd IEEE International Conference on Decision and Control (IEEE Cat. No.03CH37475).

[9]  Jennifer M. C. Vendemia,et al.  Practice effects, workload, and reaction time in deception. , 2005, The American journal of psychology.

[10]  Colin Camerer,et al.  Pinocchio's Pupil: Using Eyetracking and Pupil Dilation to Understand Truth-Telling and Deception in Sender-Receiver Game , 2009 .

[11]  R. Trivers,et al.  The evolution and psychology of self-deception. , 2011, The Behavioral and brain sciences.

[12]  Adrian Perrig,et al.  Remote detection of virtual machine monitors with fuzzy benchmarking , 2008, OPSR.

[13]  Andrew McLennan,et al.  Gambit: Software Tools for Game Theory , 2006 .

[14]  Ray Bull,et al.  Increasing Cognitive Load to Facilitate Lie Detection: The Benefit of Recalling an Event in Reverse Order , 2008, Law and human behavior.

[15]  M. Dufwenberg Game theory. , 2011, Wiley interdisciplinary reviews. Cognitive science.

[16]  Oguzhan Alagöz,et al.  Modeling secrecy and deception in a multiple-period attacker-defender signaling game , 2010, Eur. J. Oper. Res..

[17]  R. Lewontin ‘The Selfish Gene’ , 1977, Nature.