Towards a Cognitive Theory of Cyber Deception

This work is an initial step toward developing a cognitive theory of cyber deception. While widely studied, the psychology of deception has largely focused on physical cues of deception. Given that present-day communication among humans is largely electronic, we focus on the cyber domain, where physical cues are unavailable and for which there is less psychological research. To improve cyber defense, researchers have used signaling theory to extend algorithms developed for the optimal allocation of limited defense resources by using deceptive signals to trick the human mind. However, the algorithms are designed to protect against adversaries that make perfectly rational decisions. In behavioral experiments using an abstract cybersecurity game (i.e., the Insider Attack Game), we examined human decision-making when paired against the defense algorithm. We developed an instance-based learning (IBL) model of an attacker using the Adaptive Control of Thought-Rational (ACT-R) cognitive architecture to investigate how humans make decisions under deception in cyber-attack scenarios. Our results show that the defense algorithm is more effective at reducing the probability of attack and protecting assets when using deceptive signaling, compared to no signaling, but is less effective than predicted against a perfectly rational adversary. Also, the IBL model replicates human attack decisions accurately. The IBL model shows how human decisions arise from experience, and how memory retrieval dynamics can give rise to cognitive biases, such as confirmation bias. The implications of these findings are discussed from the perspective of informing theories of deception and designing more effective signaling schemes that consider human bounded rationality.
