Abstract
Prior work has explored the use of defensive cyber deception to manipulate the information available to attackers and to proactively lie on behalf of both real and decoy systems. Such approaches can provide advantages to defenders by delaying attacker forward progress and thereby decreasing or eliminating attacker payoffs. In this work, we expand previous work by incorporating new parameters relating to attacker costs and choices. The extended model includes attacker costs for probing a system to learn its declared type (“real” or “fake”) and allows an attacker to proactively choose to leave the game early by walking away. While these additional parameters represent extensions to our prior model, they are key to understanding attacker behavior when confronted with deceptive cyber defenses. We first present the extended model and an analysis of the expected rewards for rational players. We then present the behavior of an adaptive attacker in a Markov Decision Process (MDP) simulation. Lastly, we relate our analytic and empirical findings to cognitive bias effects and speculate on how the manipulation of game parameters may be used in future work to both estimate and trigger bias effects during defender-attacker interactions.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsReferences
Aggarwal, P., Dutt, V., Gonzalez, C.: Cyber-security: role of deception in cyber-attack detection. In: Nicholson, D. (ed.) Advances in Human Factors in Cybersecurity. AISC, vol. 501, pp. 85–96. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-41932-9_8
Bilinski, M., Ferguson-Walter, K., Fugate, S., Gabrys, R., Mauger, J., Souza, B.: You only lie twice: a multi-round cyber deception game of questionable veracity. In: Alpcan, T., Vorobeychik, Y., Baras, J.S., Dán, G. (eds.) GameSec 2019. LNCS, vol. 11836, pp. 65–84. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-32430-8_5
Bilinski, M., Gabrys, R., Mauger, J.: Optimal placement of honeypots for network defense. In: Bushnell, L., Poovendran, R., Başar, T. (eds.) GameSec 2018. LNCS, vol. 11199, pp. 115–126. Springer, Cham (2018). https://doi.org/10.1007/978-3-030-01554-1_7
Brockman, G., et al.: Open AI gym. https://arxiv.org/abs/1606.01540s (2016)
Carroll, T.E., Grosu, D.: A game theoretic investigation of deception in network security. Secur. Commun. Netw. 4(10), 1162–1172 (2011)
Çeker, H., Zhuang, J., Upadhyaya, S., La, Q.D., Soong, B.-H.: Deception-based game theoretical approach to mitigate DoS attacks. In: Zhu, Q., Alpcan, T., Panaousis, E., Tambe, M., Casey, W. (eds.) GameSec 2016. LNCS, vol. 9996, pp. 18–38. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-47413-7_2
Cifranic, N., Romero-Mariona, J., Souza, B., Hallman, R.: Decepti-SCADA: a framework for actively defending networked critical infrastructures (2020). https://doi.org/10.5220/0009343300690077
Ferguson-Walter, K.: An empirical assessment of the effectiveness of deception for cyber defense. Ph.D. thesis (2020). https://doi.org/10.7275/z0rb-ek46
Ferguson-Walter, K.J., et al.: The tularosa study: an experimental design and implementation to quantify the effectiveness of cyber deception, Maui, HI (2019)
Ferguson-Walter, K.J., LaFon, D., Shade, T.: Friend or Faux: deception for cyber defense. J. Inf. Warfare 16, 28–42 (2017)
Garg, N., Grosu, D.: Deception in honeynets: a game-theoretic analysis. In: 2007 IEEE SMC Information Assurance And Security Workshop, pp. 107–113 (2007)
Gutzwiller, R., Ferguson-Walter, K.J., Fugate, S., Rogers, A.: Oh, look, a butterfly!. A framework for distracting attackers to improve cyber defense, Philadelphia, Pennsylvania (2018)
Gutzwiller, R.S., Ferguson-Walter, K.J., Fugate, S.J.: Are cyber attackers thinking fast and slow? Exploratory analysis reveals evidence of decision-making biases in red teamers. In: Proceedings of the Human Factors and Ergonomics Society Annual Meeting, vol. 63, pp. 427–431. SAGE Publications (2019)
Heckman, K.E., Stech, F.J., Thomas, R.K., Schmoker, B., Tsow, A.W.: Cyber Denial, Deception and Counter Deception: A Framework for Supporting Active Cyber Defense. AIS. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-25133-2. www.springer.com/us/book/9783319251318
Huang, Y., Zhu, Q.: Deceptive reinforcement learning under adversarial manipulations on cost signals. In: Alpcan, T., Vorobeychik, Y., Baras, J.S., Dán, G. (eds.) GameSec 2019. LNCS, vol. 11836, pp. 217–237. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-32430-8_14
Jajodia, S., et al.: A probabilistic logic of cyber deception. IEEE Trans. Inf. Forensics Secur. 12(11), 2532–2544 (2017)
Johnson, C.: Measuring the impact of the sunk cost fallacy to delay and disrupt attacker behavior. Doctoral dissertation in preparation, Arizona State University
Johnson, C., Gutzwiller, R., Ferguson-Walter, K.J., Fugate, S.: A cyber-relevant table of decision making biases and their definitions. https://doi.org/10.13140/RG.2.2.14891.87846
Kahneman, D., Tversky, A.: Prospect theory: an analysis of decision under risk. Econometrica 47(2), 363–391 (1979)
Libicki, M.: Cyberdeterrence and Cyberwar. RAND Corporation, Santa Monica (2009)
Píbil, R., Lisý, V., Kiekintveld, C., Bošanský, B., Pěchouček, M.: Game theoretic model of strategic honeypot selection in computer networks. In: Grossklags, J., Walrand, J. (eds.) GameSec 2012. LNCS, vol. 7638, pp. 201–220. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-34266-0_12
Schlenker, A., et al.: Deceiving cyber adversaries: a game theoretic approach. In: Proceedings of the 17th International Conference on Autonomous Agents and MultiAgent Systems, pp. 892–900 (2018)
Strom, B.E., Applebaum, A., Miller, D.P., Nickels, K.C., Pennington, A.G., Thomas, C.B.: MITRE ATT&CK: design and philosophy. Technical report (2018)
Terrell, D.: A test of the gambler’s fallacy: evidence from pari-mutuel games. J. Risk Uncertainty 8(2), 309–317 (1994)
Tversky, A., Kahneman, D.: Belief in the law of small numbers. Psychol. Bull. 76(2), 105 (1971)
Tversky, A., Kahneman, D.: Judgment under uncertainty: heuristics and biases. Science 185(4157), 1124–1131 (1974)
Wagener, G., State, R., Dulaunoy, A., Engel, T.: Self adaptive high interaction honeypots driven by game theory. In: Guerraoui, R., Petit, F. (eds.) SSS 2009. LNCS, vol. 5873, pp. 741–755. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-05118-0_51
Wang, W., Zeng, B.: A two-stage deception game for network defense. In: Bushnell, L., Poovendran, R., Başar, T. (eds.) GameSec 2018. LNCS, vol. 11199, pp. 569–582. Springer, Cham (2018). https://doi.org/10.1007/978-3-030-01554-1_33
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2020 This is a U.S. government work and not under copyright protection in the U.S.; foreign copyright protection may apply
About this paper
Cite this paper
Bilinski, M. et al. (2020). Lie Another Day: Demonstrating Bias in a Multi-round Cyber Deception Game of Questionable Veracity. In: Zhu, Q., Baras, J.S., Poovendran, R., Chen, J. (eds) Decision and Game Theory for Security. GameSec 2020. Lecture Notes in Computer Science(), vol 12513. Springer, Cham. https://doi.org/10.1007/978-3-030-64793-3_5
Download citation
DOI: https://doi.org/10.1007/978-3-030-64793-3_5
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-64792-6
Online ISBN: 978-3-030-64793-3
eBook Packages: Computer ScienceComputer Science (R0)