A game-theoretic taxonomy and survey of defensive deception for cybersecurity and privacy

Jeffrey Pawlick, Edward Colbert, Quanyan Zhu

Research output: Contribution to journalArticlepeer-review

Abstract

Cyberattacks on both databases and critical infrastructure have threatened public and private sectors. Ubiquitous tracking and wearable computing have infringed upon privacy. Advocates and engineers have recently proposed using defensive deception as a means to leverage the information asymmetry typically enjoyed by attackers as a tool for defenders. The term deception, however, has been employed broadly and with a variety of meanings. In this article, we survey 24 articles from 2008 to 2018 that use game theory to model defensive deception for cybersecurity and privacy. Then, we propose a taxonomy that defines six types of deception: perturbation, moving target defense, obfuscation, mixing, honey-x, and attacker engagement. These types are delineated by their information structures, agents, actions, and duration: precisely concepts captured by game theory. Our aims are to rigorously define types of defensive deception, to capture a snapshot of the state of the literature, to provide a menu of models that can be used for applied research, and to identify promising areas for future work. Our taxonomy provides a systematic foundation for understanding different types of defensive deception commonly encountered in cybersecurity and privacy.

Original languageEnglish (US)
Article number82
JournalACM Computing Surveys
Volume52
Issue number4
DOIs
StatePublished - Aug 2019

Keywords

  • Attacker engagement
  • Cybersecurity
  • Deception
  • Game theory
  • Honeypot
  • Mix network
  • Moving target defense
  • Obfuscation
  • Perturbation
  • Privacy
  • Survey
  • Taxonomy

ASJC Scopus subject areas

  • Theoretical Computer Science
  • Computer Science(all)

Fingerprint Dive into the research topics of 'A game-theoretic taxonomy and survey of defensive deception for cybersecurity and privacy'. Together they form a unique fingerprint.

Cite this