Abstract
Cyberattacks on both databases and critical infrastructure have threatened public and private sectors. Ubiquitous tracking and wearable computing have infringed upon privacy. Advocates and engineers have recently proposed using defensive deception as a means to leverage the information asymmetry typically enjoyed by attackers as a tool for defenders. The term deception, however, has been employed broadly and with a variety of meanings. In this article, we survey 24 articles from 2008 to 2018 that use game theory to model defensive deception for cybersecurity and privacy. Then, we propose a taxonomy that defines six types of deception: perturbation, moving target defense, obfuscation, mixing, honey-x, and attacker engagement. These types are delineated by their information structures, agents, actions, and duration: precisely concepts captured by game theory. Our aims are to rigorously define types of defensive deception, to capture a snapshot of the state of the literature, to provide a menu of models that can be used for applied research, and to identify promising areas for future work. Our taxonomy provides a systematic foundation for understanding different types of defensive deception commonly encountered in cybersecurity and privacy.
Index Terms
- A Game-theoretic Taxonomy and Survey of Defensive Deception for Cybersecurity and Privacy