Skip to main content
SpringerLink
Log in

The Risk of Attacker Behavioral Learning: Can Attacker Fool Defender Under Uncertainty?

  • Conference paper
  • First Online:
Decision and Game Theory for Security (GameSec 2022)

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 13727))

Included in the following conference series:

  • 336 Accesses

Abstract

In security games, the defender often has to predict the attacker’s behavior based on some observed attack data. However, a clever attacker can intentionally change its behavior to mislead the defender’s learning, leading to an ineffective defense strategy. This paper investigates the attacker’s imitative behavior deception under uncertainty, in which the attacker mimics a (deceptive) behavior model by consistently playing according to that model, given that it is uncertain about the defender’s learning outcome. We have three main contributions. First, we introduce a new maximin-based algorithm to compute a robust attacker deception decision. Second, we propose a new counter-deception algorithm to tackle the attacker’s deception. We show that there is a universal optimal defense solution, regardless of any private knowledge the defender has about the relation between his learning outcome and the attacker deception choice. Third, we conduct extensive experiments, demonstrating the effectiveness of our proposed algorithms.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 64.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 84.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

  1. 1.

    In this work, we consider \(\lambda \ge 0\) as this is the widely accepted range of the attacker’s bounded rationality in the literature.

  2. 2.

    We use a uniform discretization for the sake of solution quality analysis (as we will describe later). Our approach can be generalized to any non-uniform discretization.

  3. 3.

    All of our detailed proofs are in online appendix: https://www.dropbox.com/s/frebqe6etjns6c6/appendix.pdf?dl=0.

  4. 4.

    Observation 5 is stated for the general case \(n > 1\) when the defender’s interval \(I^d_{n}\) is left-open. When \(n = 1\) with the left bound is included, we have \(lb_{n} \le \lambda ^{\text {dec}}\le ub_{n + 1}\).

References

  1. An, B., et al.: A deployed quantal response based patrol planning system for the us coast guard. Interfaces 43(5), 400–420 (2013)

    Article  Google Scholar 

  2. Biggio, B., Nelson, B., Laskov, P.: Poisoning attacks against support vector machines. arXiv preprint arXiv:1206.6389 (2012)

  3. Carroll, T.E., Grosu, D.: A game theoretic investigation of deception in network security. Secur. Commun. Netw. 4(10), 1162–1172 (2011)

    Article  Google Scholar 

  4. Estornell, A., Das, S., Vorobeychik, Y.: Deception through half-truths. In: AAAI (2020)

    Google Scholar 

  5. Fraunholz, D., et al.: Demystifying deception technology: a survey. arXiv preprint arXiv:1804.06196 (2018)

  6. Fugate, S., Ferguson-Walter, K.: Artificial intelligence and game theory models for defending critical networks with cyber deception. 40, 49–62 (2019). https://doi.org/10.1609/aimag.v40i1.2849. https://www.aaai.org/ojs/index.php/aimagazine/article/view/2849

  7. Gan, J., Xu, H., Guo, Q., Tran-Thanh, L., Rabinovich, Z., Wooldridge, M.: Imitative follower deception in stackelberg games. arXiv preprint arXiv:1903.02917 (2019)

  8. Gholami, S., Yadav, A., Tran-Thanh, L., Dilkina, B., Tambe, M.: Don’t put all your strategies in one basket: playing green security games with imperfect prior knowledge. In: AAMAS, pp. 395–403. AAMAS (2019)

    Google Scholar 

  9. Guo, Q., An, B., Bosansky, B., Kiekintveld, C.: Comparing strategic secrecy and stackelberg commitment in security games. In: IJCAI (2017)

    Google Scholar 

  10. Han, X., Kheir, N., Balzarotti, D.: Deception techniques in computer security: a research perspective. ACM Comput. Surv. (CSUR) 51(4), 1–36 (2018)

    Article  Google Scholar 

  11. Horák, K., Zhu, Q., Bošanskỳ, B.: Manipulating adversary’s belief: a dynamic game approach to deception by design for proactive network security. In: Rass, S., An, B., Kiekintveld, C., Fang, F., Schauer, S. (eds.) GameSec 2017. LNCS, pp. 273–294. Springer, Heidelberg (2017). https://doi.org/10.1007/978-3-319-68711-7_15

    Chapter  Google Scholar 

  12. Huang, L., Joseph, A.D., Nelson, B., Rubinstein, B.I., Tygar, J.D.: Adversarial machine learning. In: AISec, pp. 43–58. ACM (2011)

    Google Scholar 

  13. Kar, D., et al.: Trends and applications in stackelberg security games. In: Handbook of Dynamic Game Theory, pp. 1–47 (2017)

    Google Scholar 

  14. Kiekintveld, C., Jain, M., Tsai, J., Pita, J., Ordóñez, F., Tambe, M.: Computing optimal randomized resource allocations for massive security games. In: AAMAS, pp. 689–696. AAMAS (2009)

    Google Scholar 

  15. McFadden, D., et al.: Conditional logit analysis of qualitative choice behavior (1973)

    Google Scholar 

  16. McKelvey, R.D., Palfrey, T.R.: Quantal response equilibria for normal form games. Games Econom. Behav. 10(1), 6–38 (1995)

    Article  MathSciNet  MATH  Google Scholar 

  17. Nguyen, T.H., Sinha, A., He, H.: Partial adversarial behavior deception in security games. In: IJCAI (2020)

    Google Scholar 

  18. Nguyen, T.H., Vu, N., Yadav, A., Nguyen, U.: Decoding the imitation security game: handling attacker imitative behavior deception. In: ECAI (2020)

    Google Scholar 

  19. Nguyen, T.H., Wang, Y., Sinha, A., Wellman, M.P.: Deception in finitely repeated security games. In: AAAI (2019)

    Google Scholar 

  20. Nguyen, T.H., Yang, R., Azaria, A., Kraus, S., Tambe, M.: Analyzing the effectiveness of adversary modeling in security games. In: AAAI (2013)

    Google Scholar 

  21. Rabinovich, Z., Jiang, A.X., Jain, M., Xu, H.: Information disclosure as a means to security. In: AAMAS, pp. 645–653 (2015)

    Google Scholar 

  22. Sinha, A., Fang, F., An, B., Kiekintveld, C., Tambe, M.: Stackelberg security games: looking beyond a decade of success. In: IJCAI, pp. 5494–5501 (2018)

    Google Scholar 

  23. Steinhardt, J., Koh, P.W.W., Liang, P.S.: Certified defenses for data poisoning attacks. In: NeurIPS, pp. 3517–3529 (2017)

    Google Scholar 

  24. Tambe, M.: Security and Game Theory: Algorithms, Deployed Systems, Lessons Learned. Cambridge University Press, Cambridge (2011)

    Book  MATH  Google Scholar 

  25. Tong, L., Yu, S., Alfeld, S., et al.: Adversarial regression with multiple learners. In: ICML, pp. 4946–4954 (2018)

    Google Scholar 

  26. Xu, H., Rabinovich, Z., Dughmi, S., Tambe, M.: Exploring information asymmetry in two-stage security games. In: AAMAS, pp. 1057–1063 (2015)

    Google Scholar 

  27. Yang, R., Kiekintveld, C., Ordonez, F., Tambe, M., John, R.: Improving resource allocation strategy against human adversaries in security games. In: IJCAI (2011)

    Google Scholar 

  28. Zhuang, J., Bier, V.M., Alagoz, O.: Modeling secrecy and deception in a multiple-period attacker-defender signaling game. Eur. J. Oper. Res. 203(2), 409–418 (2010)

    Article  MathSciNet  MATH  Google Scholar 

Download references

Acknowledgement

Dr. Yadav was supported in part by ARO Grant No. W911NF-21-1-0047.

Author information

Authors and Affiliations

  1. University of Oregon, Eugene, OR, 97403, USA

    Thanh Hong Nguyen

  2. Pennsylvania State University, University Park, PA, 16802, USA

    Amulya Yadav

Authors
  1. Thanh Hong Nguyen
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Amulya Yadav
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Thanh Hong Nguyen .

Editor information

Editors and Affiliations

  1. Carnegie Mellon University, Pittsburgh, PA, USA

    Fei Fang

  2. University of Chicago, Chicago, IL, USA

    Haifeng Xu

  3. Université d'Avignon, Avignon, France

    Yezekael Hayel

Rights and permissions

Reprints and permissions

Copyright information

© 2023 The Author(s), under exclusive license to Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Nguyen, T.H., Yadav, A. (2023). The Risk of Attacker Behavioral Learning: Can Attacker Fool Defender Under Uncertainty?. In: Fang, F., Xu, H., Hayel, Y. (eds) Decision and Game Theory for Security. GameSec 2022. Lecture Notes in Computer Science, vol 13727. Springer, Cham. https://doi.org/10.1007/978-3-031-26369-9_1

Download citation

  • DOI: https://doi.org/10.1007/978-3-031-26369-9_1

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-031-26368-2

  • Online ISBN: 978-3-031-26369-9

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation