Abstract
In security games, the defender often has to predict the attacker’s behavior based on some observed attack data. However, a clever attacker can intentionally change its behavior to mislead the defender’s learning, leading to an ineffective defense strategy. This paper investigates the attacker’s imitative behavior deception under uncertainty, in which the attacker mimics a (deceptive) behavior model by consistently playing according to that model, given that it is uncertain about the defender’s learning outcome. We have three main contributions. First, we introduce a new maximin-based algorithm to compute a robust attacker deception decision. Second, we propose a new counter-deception algorithm to tackle the attacker’s deception. We show that there is a universal optimal defense solution, regardless of any private knowledge the defender has about the relation between his learning outcome and the attacker deception choice. Third, we conduct extensive experiments, demonstrating the effectiveness of our proposed algorithms.
Notes
1. In this work, we consider \(\lambda \ge 0\) as this is the widely accepted range of the attacker’s bounded rationality in the literature.
2. We use a uniform discretization for the sake of solution quality analysis (as we will describe later). Our approach can be generalized to any non-uniform discretization.
3. All of our detailed proofs are in the online appendix: https://www.dropbox.com/s/frebqe6etjns6c6/appendix.pdf?dl=0.
4. Observation 5 is stated for the general case \(n > 1\), when the defender’s interval \(I^d_{n}\) is left-open. When \(n = 1\), with the left bound included, we have \(lb_{n} \le \lambda ^{\text {dec}}\le ub_{n + 1}\).
Acknowledgement
Dr. Yadav was supported in part by ARO Grant No. W911NF-21-1-0047.
Copyright information
© 2023 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this paper
Cite this paper
Nguyen, T.H., Yadav, A. (2023). The Risk of Attacker Behavioral Learning: Can Attacker Fool Defender Under Uncertainty?. In: Fang, F., Xu, H., Hayel, Y. (eds) Decision and Game Theory for Security. GameSec 2022. Lecture Notes in Computer Science, vol 13727. Springer, Cham. https://doi.org/10.1007/978-3-031-26369-9_1
DOI: https://doi.org/10.1007/978-3-031-26369-9_1
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-26368-2
Online ISBN: 978-3-031-26369-9
eBook Packages: Computer Science, Computer Science (R0)