Toward a Game-Theoretic Foundation for Analysis and Design of Cyber Deception and Counter-Deception

Abstract

Attackers often have an advantage in the cyberspace due to the asymmetry in information and cost between an adversary and a defender. Deception is a game changer that can increase an adversary s uncertainty of the system and the cost of attack to disrupt and deter the adversarial behavior. The challenge to study cyber deception arises from the pivotal need for a quantitative framework for the analysis and design of deception and counter-deception mechanisms. This project leverages a class of dynamic games with incomplete information to build analytical frameworks to capture the strategic interactions between the players, the asymmetry in information and cost, cognitive limitations, and the multi-stage nature of cyber interactions. The proposed framework builds on the multi-stage signaling game to capture the multiple rounds of interactions between an attacker and a defender and enable the feedback-driven learning and adaptation over the stages. The project aims to develop a cognition-aware dynamic mechanism design theory to provide underpinning principles and computational methodologies to design proactive defense. The project studies two main mechanisms. One is an evidence-based method that extends the framework with evidence by incorporating detectors using side-channel information. The other one is a cost-based method that studies the cost structure of the players. The two approaches are integrated together to build a feedback-driven deception framework that can adapt defense strategies and build inherent resilience to unanticipated attacks. The developed tools will be applied to tackle the phishing problems and the honeypot deployment in computer networks, creating proactive solutions of crowd defense and moving target defense. Building on the solid foundation of game theory and control theory, the project develops a mechanism design theory that will enable quantitative analysis and design of deception mechanisms, bridging the gaps among engineering, computer science, cognitive science, social and economic sciences. The project consists of four main proposed objectives: 1. Establish dynamic deception and counter-deception game frameworks and develop model-predictive algorithms to compute the equilibrium solutions of the multi-stage deception games and characterize the fundamental limits of deception in cyberspace. 2. Incorporate bounded rationality into the framework to understand the impact of cognitive limits on the outcome of deception and develop cognition-aware solution concepts and mechanisms. 3. Develop a dynamic mechanism design theory using evidence- and cost-based approaches, and leverage learning techniques to build a feedback-driven cognitive framework for adaptive security. 4. Leverage the developed mechanism design theory to create synergetic design methods for crowd defense and moving target defense strategies for phishing attacks and honeypot deployment. This project guides the development of effective deception strategies that will lead to game-changing technologies to secure the cyberspace. The results will have a significant and fundamental impact on advancing the scientific knowledge and the technology of protecting and advancing our nation s cyber infrastructure. The project will generate new knowledge and techniques that crosscut the boundary of traditional fields such as economics, system engineering, and computer science. The impact of the developed methodology and theory will go beyond the field of cyber security to assist scientists in the fields of economics, behavioral and social psychology who study lie detection, and self-deception...

Document Details

Document Type

DoD Grant Award

Publication Date

Feb 14, 2019

Source ID

W911NF1910041

Entities

Tags