Manipulating Adversary’s Belief: A Dynamic Game Approach to Deception by Design for Proactive Network Security

Karel Horák, Quanyan Zhu, Branislav Bošanský

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

Due to the sophisticated nature of current computer systems, traditional defense measures, such as firewalls, malware scanners, and intrusion detection/prevention systems, have been found inadequate. These technological systems suffer from the fact that a sophisticated attacker can study them, identify their weaknesses and thus get an advantage over the defender. To prevent this from happening a proactive cyber defense is a new defense mechanism in which we strategically engage the attacker by using cyber deception techniques, and we influence his actions by creating and reinforcing his view of the computer system. We apply the cyber deception techniques in the field of network security and study the impact of the deception on attacker’s beliefs using the quantitative framework of the game theory. We account for the sequential nature of an attack and investigate how attacker’s belief evolves and influences his actions. We show how the defender should manipulate this belief to prevent the attacker from achieving his goals and thus minimize the damage inflicted to the network. To design a successful defense based on cyber deception, it is crucial to employ strategic thinking and account explicitly for attacker’s belief that he is being exposed to deceptive attempts. By doing so, we can make the deception more believable from the perspective of the attacker.

Original languageEnglish (US)
Title of host publicationDecision and Game Theory for Security - 8th International Conference, GameSec 2017, Proceedings
PublisherSpringer Verlag
Pages273-294
Number of pages22
Volume10575 LNCS
ISBN (Print)9783319687100
DOIs
StatePublished - 2017
Event8th International Conference on Decision and Game Theory for Security, GameSec 2017 - Vienna, Austria
Duration: Oct 23 2017Oct 25 2017

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume10575 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Other

Other8th International Conference on Decision and Game Theory for Security, GameSec 2017
CountryAustria
CityVienna
Period10/23/1710/25/17

Fingerprint

Deception
Dynamic Games
Network Security
Network security
Computer systems
Computer system firewalls
Game theory
Intrusion detection
Firewall
Malware
Intrusion Detection
Game Theory
Scanner
Damage
Attack
Beliefs
Design
Minimise

ASJC Scopus subject areas

  • Theoretical Computer Science
  • Computer Science(all)

Cite this

Horák, K., Zhu, Q., & Bošanský, B. (2017). Manipulating Adversary’s Belief: A Dynamic Game Approach to Deception by Design for Proactive Network Security. In Decision and Game Theory for Security - 8th International Conference, GameSec 2017, Proceedings (Vol. 10575 LNCS, pp. 273-294). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 10575 LNCS). Springer Verlag. https://doi.org/10.1007/978-3-319-68711-7_15

Manipulating Adversary’s Belief : A Dynamic Game Approach to Deception by Design for Proactive Network Security. / Horák, Karel; Zhu, Quanyan; Bošanský, Branislav.

Decision and Game Theory for Security - 8th International Conference, GameSec 2017, Proceedings. Vol. 10575 LNCS Springer Verlag, 2017. p. 273-294 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 10575 LNCS).

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Horák, K, Zhu, Q & Bošanský, B 2017, Manipulating Adversary’s Belief: A Dynamic Game Approach to Deception by Design for Proactive Network Security. in Decision and Game Theory for Security - 8th International Conference, GameSec 2017, Proceedings. vol. 10575 LNCS, Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 10575 LNCS, Springer Verlag, pp. 273-294, 8th International Conference on Decision and Game Theory for Security, GameSec 2017, Vienna, Austria, 10/23/17. https://doi.org/10.1007/978-3-319-68711-7_15
Horák K, Zhu Q, Bošanský B. Manipulating Adversary’s Belief: A Dynamic Game Approach to Deception by Design for Proactive Network Security. In Decision and Game Theory for Security - 8th International Conference, GameSec 2017, Proceedings. Vol. 10575 LNCS. Springer Verlag. 2017. p. 273-294. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)). https://doi.org/10.1007/978-3-319-68711-7_15
Horák, Karel ; Zhu, Quanyan ; Bošanský, Branislav. / Manipulating Adversary’s Belief : A Dynamic Game Approach to Deception by Design for Proactive Network Security. Decision and Game Theory for Security - 8th International Conference, GameSec 2017, Proceedings. Vol. 10575 LNCS Springer Verlag, 2017. pp. 273-294 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).
@inproceedings{a8b8337e93fb4150ad985c44f1de1a68,
title = "Manipulating Adversary’s Belief: A Dynamic Game Approach to Deception by Design for Proactive Network Security",
abstract = "Due to the sophisticated nature of current computer systems, traditional defense measures, such as firewalls, malware scanners, and intrusion detection/prevention systems, have been found inadequate. These technological systems suffer from the fact that a sophisticated attacker can study them, identify their weaknesses and thus get an advantage over the defender. To prevent this from happening a proactive cyber defense is a new defense mechanism in which we strategically engage the attacker by using cyber deception techniques, and we influence his actions by creating and reinforcing his view of the computer system. We apply the cyber deception techniques in the field of network security and study the impact of the deception on attacker’s beliefs using the quantitative framework of the game theory. We account for the sequential nature of an attack and investigate how attacker’s belief evolves and influences his actions. We show how the defender should manipulate this belief to prevent the attacker from achieving his goals and thus minimize the damage inflicted to the network. To design a successful defense based on cyber deception, it is crucial to employ strategic thinking and account explicitly for attacker’s belief that he is being exposed to deceptive attempts. By doing so, we can make the deception more believable from the perspective of the attacker.",
author = "Karel Hor{\'a}k and Quanyan Zhu and Branislav Bošansk{\'y}",
year = "2017",
doi = "10.1007/978-3-319-68711-7_15",
language = "English (US)",
isbn = "9783319687100",
volume = "10575 LNCS",
series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",
publisher = "Springer Verlag",
pages = "273--294",
booktitle = "Decision and Game Theory for Security - 8th International Conference, GameSec 2017, Proceedings",
address = "Germany",

}

TY - GEN

T1 - Manipulating Adversary’s Belief

T2 - A Dynamic Game Approach to Deception by Design for Proactive Network Security

AU - Horák, Karel

AU - Zhu, Quanyan

AU - Bošanský, Branislav

PY - 2017

Y1 - 2017

N2 - Due to the sophisticated nature of current computer systems, traditional defense measures, such as firewalls, malware scanners, and intrusion detection/prevention systems, have been found inadequate. These technological systems suffer from the fact that a sophisticated attacker can study them, identify their weaknesses and thus get an advantage over the defender. To prevent this from happening a proactive cyber defense is a new defense mechanism in which we strategically engage the attacker by using cyber deception techniques, and we influence his actions by creating and reinforcing his view of the computer system. We apply the cyber deception techniques in the field of network security and study the impact of the deception on attacker’s beliefs using the quantitative framework of the game theory. We account for the sequential nature of an attack and investigate how attacker’s belief evolves and influences his actions. We show how the defender should manipulate this belief to prevent the attacker from achieving his goals and thus minimize the damage inflicted to the network. To design a successful defense based on cyber deception, it is crucial to employ strategic thinking and account explicitly for attacker’s belief that he is being exposed to deceptive attempts. By doing so, we can make the deception more believable from the perspective of the attacker.

AB - Due to the sophisticated nature of current computer systems, traditional defense measures, such as firewalls, malware scanners, and intrusion detection/prevention systems, have been found inadequate. These technological systems suffer from the fact that a sophisticated attacker can study them, identify their weaknesses and thus get an advantage over the defender. To prevent this from happening a proactive cyber defense is a new defense mechanism in which we strategically engage the attacker by using cyber deception techniques, and we influence his actions by creating and reinforcing his view of the computer system. We apply the cyber deception techniques in the field of network security and study the impact of the deception on attacker’s beliefs using the quantitative framework of the game theory. We account for the sequential nature of an attack and investigate how attacker’s belief evolves and influences his actions. We show how the defender should manipulate this belief to prevent the attacker from achieving his goals and thus minimize the damage inflicted to the network. To design a successful defense based on cyber deception, it is crucial to employ strategic thinking and account explicitly for attacker’s belief that he is being exposed to deceptive attempts. By doing so, we can make the deception more believable from the perspective of the attacker.

UR - http://www.scopus.com/inward/record.url?scp=85032873787&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85032873787&partnerID=8YFLogxK

U2 - 10.1007/978-3-319-68711-7_15

DO - 10.1007/978-3-319-68711-7_15

M3 - Conference contribution

AN - SCOPUS:85032873787

SN - 9783319687100

VL - 10575 LNCS

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 273

EP - 294

BT - Decision and Game Theory for Security - 8th International Conference, GameSec 2017, Proceedings

PB - Springer Verlag

ER -