Deceiving cyber adversaries: A game theoretic approach
An important way cyber adversaries find vulnerabilities in modern networks is through reconnaissance, in which they attempt to identify configuration specifics of network hosts. To increase uncertainty of adversarial reconnaissance, the network administrator (henceforth, defender) can introduce deception into responses to network scans, such as obscuring certain system characteristics. We introduce a novel game-theoretic model of deceptive interactions of this kind between a defender and a cyber attacker, which we call the Cyber Deception Game. We consider both a powerful (rational) attacker, who is aware of the defender's exact deception strategy, and a naive attacker who is not. We show that computing the optimal deception strategy is NP-hard for both types of attackers. For the case with a powerful attacker, we provide a mixed-integer linear program solution as well as a fast and effective greedy algorithm. Similarly, we provide complexity results and propose exact and heuristic approaches when the attacker is naive. Our extensive experimental analysis demonstrates the effectiveness of our approaches.
Cyber security, Game theory, Security games
892-900
International Foundation for Autonomous Agents and Multiagent Systems (IFAAMAS)
Schlenker, Aaron
Thakoor, Omkar
Xu, Haifeng
Fang, Fei
Tambe, Milind
Tran-Thanh, Long
Vayanos, Phebe
Vorobeychik, Yevgeniy
10 July 2018
Schlenker, Aaron, Thakoor, Omkar, Xu, Haifeng, Fang, Fei, Tambe, Milind, Tran-Thanh, Long, Vayanos, Phebe and Vorobeychik, Yevgeniy (2018) Deceiving cyber adversaries: A game theoretic approach. In 17th International Conference on Autonomous Agents and Multiagent Systems, AAMAS 2018. vol. 2, International Foundation for Autonomous Agents and Multiagent Systems (IFAAMAS).
Record type: Conference or Workshop Item (Paper)
Text
p892
- Version of Record
Restricted to Repository staff only
More information
e-pub ahead of print date: 10 July 2018
Published date: 10 July 2018
Venue - Dates: 17th International Conference on Autonomous Agents and Multiagent Systems, AAMAS 2018, Stockholm, Sweden, 2018-07-10 - 2018-07-15
Identifiers
Local EPrints ID: 425571
URI: http://eprints.soton.ac.uk/id/eprint/425571
PURE UUID: 7ac40e33-912c-4dd3-889f-0a6afcb3ca60
Catalogue record
Date deposited: 25 Oct 2018 16:30
Last modified: 19 Jul 2024 16:52
Contributors
Author: Aaron Schlenker
Author: Omkar Thakoor
Author: Haifeng Xu
Author: Fei Fang
Author: Milind Tambe
Author: Long Tran-Thanh
Author: Phebe Vayanos
Author: Yevgeniy Vorobeychik