A Framework for Asymmetric Information Interactions among (Cyber) Defenders and Attackers
Abstract
Engaging and deceiving attackers into intruding controlled systems and accessing obfuscated data offers a proactive approach to computer and information security. It wastes attacker resources and potentially misleads the attacker. Importantly, it also offers an untapped opportunity to understand attackers beliefs,capabilities, and preferences and how they evolve by sifting and mining the detailed activity logs. Identifying these mental and physical states not only informs the defender about the attackers intent, but also guides new ways of deceiving the attacker . In order to establish a formal understanding of deception, this research will build a general framework for computationally modeling interactions between asymmetric adversaries, which, among other uses, is expected to offer a principled basis for deception. The framework will be used to study various interactions between cyber defenders and attackers, with the ultimate goal of foundationally modeling cyber deception and improving its efficacy
Document Details
- Document Type
- Technical Report
- Publication Date
- Jan 12, 2023
- Accession Number
- AD1201078
Entities
People
- Prashant Doshi
Organizations
- University of Georgia Research Foundation