Visible to the public General-Sum Cyber Deception Games under Partial Attacker Valuation InformationConflict Detection Enabled

TitleGeneral-Sum Cyber Deception Games under Partial Attacker Valuation Information
Publication TypeJournal Article
Year of Publication2019
AuthorsOmkar Thakoor, Milind Tambe, Phebe Vayanos, Haifeng Xu, Christopher Kiekintveld
JournalCais USC
KeywordsArticles of Interest, C3E 2019, Cognitive Security, Cognitive Security in Cyber, cyber deception, Partial Attacker Valuation

The rapid increase in cybercrime, causing a reported annual economic loss of $600 billion [20], has prompted a critical need for effective cyber defense. Strategic criminals conduct network reconnaissance prior to executing attacks to avoid detection and establish situational awareness via scanning and fingerprinting tools. Cyber deception attempts to foil these reconnaissance efforts; by disguising network and system attributes, among several other techniques. Cyber Deception Games (CDG) is a game-theoretic model for optimizing strategic deception, and can apply to various deception methods. Recently introduced initial model for CDGs assumes zero-sum payoffs, implying directly conflicting attacker motives, and perfect defender knowledge on attacker preferences. These unrealistic assumptions are fundamental limitations of the initial zero-sum model, which we address by proposing a general-sum model that can also handle uncertainty in the defender's knowledge.

Citation Keynode-62501