Analysis of Leaky Deception for Network Security using Signaling Games with Evidence

Deception plays critical roles in economics and technology, especially in emerging interactions in cyberspace. Holistic models of deception are needed in order to analyze interactions and to design mechanisms that improve them. Game theory provides such models. In particular, existing work models deception using signaling games. But signaling games inherently model deception that is undetectable. In this paper, we analyze an extended version of signaling games that includes a detector which gives off probabilistic warnings when the sender acts deceptively. We derive pooling and partially-separating equilibria of the game. We find that 1) high-quality detectors eliminate some pure-strategy equilibria, 2) detectors with high true-positive rates encourage more honest signaling than detectors with low false-positive rates, and 3) receivers obtain optimal outcomes for equal-error-rate detectors. We illustrate these results with an application to defensive deception for network security. Our results provide a quantitative and rigorous analysis of the fundamental aspects of detectable deception.

[1]  Tamer Başar,et al.  Information-Theoretic Approach to Strategic Communication as a Hierarchical Game , 2015, Proceedings of the IEEE.

[2]  Quanyan Zhu,et al.  Proactive Defense Against Physical Denial of Service Attacks Using Poisson Signaling Games , 2017, GameSec.

[3]  John C. Harsanyi,et al.  Games with Incomplete Information Played by "Bayesian" Players, I-III: Part I. The Basic Model& , 2004, Manag. Sci..

[4]  Viliam Lisý,et al.  Game-Theoretic Foundations for the Strategic Use of Honeypots in Network Security , 2015, Cyber Warfare.

[5]  Daniel Grosu,et al.  A Game Theoretic Investigation of Deception in Network Security , 2009, ICCCN.

[6]  Uri Gneezy,et al.  Deception: The Role of Consequences , 2005 .

[7]  Sanford J. Grossman The Informational Role of Warranties and Private Disclosure about Product Quality , 1981, The Journal of Law and Economics.

[8]  Quanyan Zhu,et al.  Deception by Design: Evidence-Based Signaling Games for Network Defense , 2015, WEIS.

[9]  Quanyan Zhu,et al.  Strategic Defense Against Deceptive Civilian GPS Spoofing of Unmanned Aerial Vehicles , 2017, GameSec.

[10]  W. Youden,et al.  Index for rating diagnostic tests , 1950, Cancer.

[11]  Ville Leppänen,et al.  A Survey on Anti-honeypot and Anti-introspection Methods , 2017, WorldCIST.

[12]  J. Sobel,et al.  STRATEGIC INFORMATION TRANSMISSION , 1982 .

[13]  Sajal K. Das,et al.  gPath: A Game-Theoretic Path Selection Algorithm to Protect Tor's Anonymity , 2010, GameSec.

[14]  Quanyan Zhu,et al.  Game-Theoretic Approach to Feedback-Driven Multi-stage Moving Target Defense , 2013, GameSec.

[15]  V. Crawford Lying for Strategic Advantage: Rational and Boundedly Rational Misrepresentation of Intentions , 2003 .

[16]  Thorsten Holz,et al.  NoSEBrEaK - attacking honeynets , 2004, Proceedings from the Fifth Annual IEEE SMC Information Assurance Workshop, 2004..

[17]  Quanyan Zhu,et al.  Flip the Cloud: Cyber-Physical Signaling Games in the Presence of Advanced Persistent Threats , 2015, GameSec.

[18]  Claire Cardie,et al.  Finding Deceptive Opinion Spam by Any Stretch of the Imagination , 2011, ACL.

[19]  Oliver Hart,et al.  Disclosure Laws and Takeover Bids , 1980 .

[20]  T. Holz,et al.  Detecting honeypots and other suspicious environments , 2005, Proceedings from the Sixth Annual IEEE SMC Information Assurance Workshop.

[21]  Oguzhan Alagöz,et al.  Modeling secrecy and deception in a multiple-period attacker-defender signaling game , 2010, Eur. J. Oper. Res..

[22]  Antonio Iera,et al.  The Internet of Things: A survey , 2010, Comput. Networks.

[23]  Ping Chen,et al.  A Study on Advanced Persistent Threats , 2014, Communications and Multimedia Security.

[24]  Pawlick Jeffrey,et al.  A Stackelberg game perspective on the conflict between machine learning and data obfuscation , 2016 .

[25]  Lech J. Janczewski,et al.  Cyber Warfare and Cyber Terrorism , 2007 .

[26]  J. Nash Equilibrium Points in N-Person Games. , 1950, Proceedings of the National Academy of Sciences of the United States of America.

[27]  Xuejun Tan,et al.  On Recognizing Virtual Honeypots and Countermeasures , 2006, 2006 2nd IEEE International Symposium on Dependable, Autonomic and Secure Computing.

[28]  Quanyan Zhu,et al.  Strategic Trust in Cloud-Enabled Cyber-Physical Systems With an Application to Glucose Control , 2017, IEEE Transactions on Information Forensics and Security.

[29]  H. B. Cott,et al.  Adaptive Coloration in Animals , 1940 .

[30]  Navin Kartik,et al.  Strategic Communication with Lying Costs , 2009 .

[31]  James Edwin Mahon,et al.  The Definition of Lying and Deception , 2015 .

[32]  Jie Zhang,et al.  A Multifaceted Approach to Modeling Agent Trust for Effective Communication in the Application of Mobile Ad Hoc Vehicular Networks , 2011, IEEE Transactions on Systems, Man, and Cybernetics, Part C (Applications and Reviews).

[33]  Paul R. Milgrom,et al.  Good News and Bad News: Representation Theorems and Applications , 1981 .

[34]  Christine M. Mitchell,et al.  Human-computer cooperative problem solving: theory, design, and evaluation of an intelligent associate system , 1995, IEEE Trans. Syst. Man Cybern..

[35]  Ray Bull,et al.  Increasing Cognitive Load to Facilitate Lie Detection: The Benefit of Recalling an Event in Reverse Order , 2008, Law and human behavior.

[36]  N.C. Rowe,et al.  Fake Honeypots: A Defensive Tactic for Cyberspace , 2006, 2006 IEEE Information Assurance Workshop.

[37]  Todd E. Humphreys,et al.  Attackers can spoof navigation signals without our knowledge. Here's how to fight back GPS lies , 2016, IEEE Spectrum.