DOI: 10.5555/3237383.3237833

Deceiving Cyber Adversaries: A Game Theoretic Approach

Published: 09 July 2018

Abstract

An important way cyber adversaries find vulnerabilities in modern networks is through reconnaissance, in which they attempt to identify configuration specifics of network hosts. To increase uncertainty of adversarial reconnaissance, the network administrator (henceforth, defender) can introduce deception into responses to network scans, such as obscuring certain system characteristics. We introduce a novel game theoretic model of deceptive interactions of this kind between a defender and a cyber attacker, which we call the Cyber Deception Game. We consider both a powerful (rational) attacker, who is aware of the defender's exact deception strategy, and a naive attacker who is not. We show that computing the optimal deception strategy is NP-hard for both types of attackers. For the case with a powerful attacker, we provide a mixed-integer linear program solution as well as a fast and effective greedy algorithm. Similarly, we provide complexity results and propose exact and heuristic approaches when the attacker is naive. Our extensive experimental analysis demonstrates the effectiveness of our approaches.

Cited By

  • (2019) General-Sum Cyber Deception Games under Partial Attacker Valuation Information. Proceedings of the 18th International Conference on Autonomous Agents and MultiAgent Systems, 2215-2217. DOI: 10.5555/3306127.3332062. Online publication date: 8-May-2019
  • (2018) Designing the game to play. Proceedings of the 27th International Joint Conference on Artificial Intelligence, 512-518. DOI: 10.5555/3304415.3304488. Online publication date: 13-Jul-2018

Published In

AAMAS '18: Proceedings of the 17th International Conference on Autonomous Agents and MultiAgent Systems
July 2018
2312 pages

Publisher

International Foundation for Autonomous Agents and Multiagent Systems

Richland, SC

Author Tags

  1. cyber security
  2. game theory
  3. security games

Qualifiers

  • Research-article

Conference

AAMAS '18
AAMAS '18: Autonomous Agents and MultiAgent Systems
July 10 - 15, 2018
Stockholm, Sweden

Acceptance Rates

AAMAS '18 Paper Acceptance Rate 149 of 607 submissions, 25%;
Overall Acceptance Rate 1,155 of 5,036 submissions, 23%

Bibliometrics

Article Metrics

  • Downloads (Last 12 months): 125
  • Downloads (Last 6 weeks): 11
Reflects downloads up to 10 Dec 2024
