Game of Duplicity: A Proactive Automated Defense Mechanism by Deception Design

We present a new game framework called the duplicity game to design defensive deception mechanisms. The mechanism provides the defender with a proactive and automated way to enhance security by defensive deception. Unlike encryption which hides a secret, our mechanism achieves deception overtly; i.e., the user recognizes the potential deception, yet still has the incentive to participate in the mechanism and follow the defender's regulation. The deception mechanism consists of the joint design of a policy generator, an incentive manipulator, and a trust modulator. A case study of discriminative honeypot configuration is presented to validate the deception mechanism design.

[1]  Quanyan Zhu,et al.  A Dynamic Games Approach to Proactive Defense Strategies against Advanced Persistent Threats in Cyber-Physical Systems , 2019, Comput. Secur..

[2]  Jiayong Liu,et al.  Automatic Identification of Honeypot Server Using Machine Learning Techniques , 2019, Secur. Commun. Networks.

[3]  Andriy Zapechelnyuk,et al.  Persuasion of a Privately Informed Receiver , 2016 .

[4]  Martín Abadi,et al.  Heat-seeking honeypots: design and experience , 2011, WWW.

[5]  Emir Kamenica,et al.  Bayesian Persuasion , 2009 .

[6]  Sushil Jajodia,et al.  Moving Target Defense - Creating Asymmetric Uncertainty for Cyber Threats , 2011, Moving Target Defense.

[7]  A. Kolotilin Optimal Information Disclosure: A Linear Programming Approach , 2016 .

[8]  Kenli Li,et al.  Game-Theoretic Design of Optimal Two-Sided Rating Protocols for Service Exchange Dilemma in Crowdsourcing , 2018, IEEE Transactions on Information Forensics and Security.

[9]  Quanyan Zhu,et al.  Security as a Service for Cloud-Enabled Internet of Controlled Things Under Advanced Persistent Threats: A Contract Design Approach , 2017, IEEE Transactions on Information Forensics and Security.

[10]  Haifeng Xu,et al.  Algorithmic Bayesian persuasion , 2015, STOC.

[11]  Hongli Zhang,et al.  Client honeypots: Approaches and challenges , 2010, 4th International Conference on New Trends in Information Science and Service Science.

[12]  Frank Wannemaker,et al.  Arrangements Of Hyperplanes , 2016 .

[13]  D. Bergemann,et al.  The Design and Price of Information , 2016 .

[14]  Hao Li,et al.  Discriminatory Information Disclosure , 2017 .

[15]  Milind Tambe,et al.  Learning about Cyber Deception through Simulations: Predictions of Human Decision Making with Deceptive Signals in Stackelberg Security Games , 2018, CogSci.

[16]  Neil C. Rowe,et al.  Defending Cyberspace with Fake Honeypots , 2007, J. Comput..

[17]  Lance Spitzner,et al.  Honeypots: catching the insider threat , 2003, 19th Annual Computer Security Applications Conference, 2003. Proceedings..

[18]  Vincent Conitzer,et al.  Signaling in Bayesian Stackelberg Games , 2016, AAMAS.

[19]  Quanyan Zhu,et al.  Finite-horizon semi-Markov game for time-sensitive attack response and probabilistic risk assessment in nuclear power plants , 2020, Reliab. Eng. Syst. Saf..

[20]  N. Rowe A Taxonomy of Deception in Cyberspace , 2006 .

[21]  Quanyan Zhu,et al.  Game theory meets network security and privacy , 2013, CSUR.

[22]  Hiroshi Fujinoki,et al.  A Survey: Recent Advances and Future Trends in Honeypot Research , 2012 .

[23]  Branislav Bosanský,et al.  Manipulating Adversary's Belief: A Dynamic Game Approach to Deception by Design for Proactive Network Security , 2017, GameSec.

[24]  Quanyan Zhu,et al.  Dynamic Games of Asymmetric Information for Deceptive Autonomous Vehicles. , 2019 .

[25]  Jérôme Renault,et al.  Repeated Games with Incomplete Information , 2009, Encyclopedia of Complexity and Systems Science.

[26]  Quanyan Zhu,et al.  Modeling and Analysis of Leaky Deception Using Signaling Games With Evidence , 2018, IEEE Transactions on Information Forensics and Security.

[27]  Pavol Sokol,et al.  Evolution of Legal Issues of Honeynets , 2016 .

[28]  D. Bergemann,et al.  Information Design: A Unified Perspective , 2017, Journal of Economic Literature.

[29]  Quanyan Zhu,et al.  A Large-Scale Markov Game Approach to Dynamic Protection of Interdependent Infrastructure Networks , 2017, GameSec.

[30]  Quanyan Zhu,et al.  iSTRICT: An Interdependent Strategic Trust Mechanism for the Cloud-Enabled Internet of Controlled Things , 2018, IEEE Transactions on Information Forensics and Security.