Game Theoretic Cyber Deception to Foil Adversarial Network Reconnaissance

Authors: Aaron Schlenker, Omkar Thakoor, Haifeng Xu, Milind Tambe, Phebe Vayanos, Fei Fang
Year of publication: 2020
Subject:
Source: Adaptive Autonomous Secure Cyber Systems ISBN: 9783030334314
Description: Cyber adversaries are known to complete network attacks after lengthy reconnaissance phases where they map out the vulnerabilities present inside an enterprise network to find the best route of compromise. Using deceptive responses to alter the perceived configurations (system characteristics) of hosts observed from reconnaissance activities gives the network administrator the ability to increase uncertainty for an adversary attempting to compromise the network. We introduce a novel game-theoretic model of deceptive interactions of this kind between a defender and a cyber attacker, which we call the Cyber Deception Game. This work considers both a powerful (rational) attacker, who is aware of the deception and has a robust amount of information about the defender’s deception strategy, and a naive attacker, who is not aware of the deception and has fixed preferences over observed network hosts. We show that computing the optimal deception strategy for the network administrator is NP-hard for both types of attackers. For the case with a powerful attacker, we provide two solution techniques that use mixed-integer linear programming, a reformulation method and a bisection algorithm, as well as a fast and effective greedy algorithm. Similarly, we provide complexity results and propose exact and heuristic approaches when the attacker is naive. Our extensive experimental analysis demonstrates the effectiveness of our approaches.
Database: OpenAIRE