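% Survey article by Pawlick, Colbert and Zhu in ACM Computing Surveys 52(4), August 2019.
% Review notes:
%  - Author names are stored in "Last, First" form so name parsing is unambiguous.
%  - The `note` field holds exported publisher front matter (funding, addresses,
%    copyright). Standard styles print `note` verbatim, so the literal dollar
%    sign in the price is escaped as \$ to keep LaTeX out of math mode.
%  - `articleno` is taken from the ACM copyright line in the note (ART82);
%    styles that do not know the field ignore it.
@article{d47f4b25927e49a3a8804ceab0589316,
  author    = {Pawlick, Jeffrey and Colbert, Edward and Zhu, Quanyan},
  title     = {A game-theoretic taxonomy and survey of defensive deception for cybersecurity and privacy},
  journal   = {ACM Computing Surveys},
  volume    = {52},
  number    = {4},
  articleno = {82},
  year      = {2019},
  month     = aug,
  publisher = {Association for Computing Machinery (ACM)},
  issn      = {0360-0300},
  doi       = {10.1145/3337772},
  language  = {English (US)},
  keywords  = {Attacker engagement, Cybersecurity, Deception, Game theory, Honeypot, Mix network, Moving target defense, Obfuscation, Perturbation, Privacy, Survey, Taxonomy},
  abstract  = {Cyberattacks on both databases and critical infrastructure have threatened public and private sectors. Ubiquitous tracking and wearable computing have infringed upon privacy. Advocates and engineers have recently proposed using defensive deception as a means to leverage the information asymmetry typically enjoyed by attackers as a tool for defenders. The term deception, however, has been employed broadly and with a variety of meanings. In this article, we survey 24 articles from 2008 to 2018 that use game theory to model defensive deception for cybersecurity and privacy. Then, we propose a taxonomy that defines six types of deception: perturbation, moving target defense, obfuscation, mixing, honey-x, and attacker engagement. These types are delineated by their information structures, agents, actions, and duration: precisely concepts captured by game theory. Our aims are to rigorously define types of defensive deception, to capture a snapshot of the state of the literature, to provide a menu of models that can be used for applied research, and to identify promising areas for future work. Our taxonomy provides a systematic foundation for understanding different types of defensive deception commonly encountered in cybersecurity and privacy.},
  note      = {Funding Information: This work is partially supported by an NSF IGERT grant through the Center for Interdisciplinary Studies in Security and Privacy (CRISSP) at New York University, by the grant CNS-1544782, EFRI-1441140, and SES-1541164 from National Science Foundation (NSF) and DE-NE0008571 from the Department of Energy. Research was also sponsored by the Army Research Laboratory and was accomplished under Cooperative Agreement Number W911NF-17-2-0104. The views and conclusions contained in this document are those of the authors and should not be interpreted as representing the official policies, either expressed or implied, of the Army Research Laboratory or the U.S. Government. The U.S. Government is authorized to reproduce and distribute reprints for Government purposes notwithstanding any copyright notation herein. Finally, the authors thank visiting student Richard Minicus for his contributions to the literature survey. Authors{\textquoteright} addresses: J. Pawlick, Department of Electrical and Computer Engineering, New York University Tandon School of Engineering, 5 MetroTech Center, Brooklyn, NY, USA, and US Army Research Laboratory, 2800 Powder Mill Road, Adelphi, MD, USA; email: jpawlick@nyu.edu; E. Colbert, US Army Research Laboratory, and Virginia Tech Intelligent Systems Laboratory, Hume Center for National Security and Technology, 900 N. Glebe Road, Arlington, VA, USA; email: ecolbert@vt.edu; Q. Zhu, Department of Electrical and Computer Engineering, New York University Tandon School of Engineering; email: quanyan.zhu@nyu.edu. ACM acknowledges that this contribution was authored or co-authored by an employee, contractor, or affiliate of the United States government. As such, the United States government retains a nonexclusive, royalty-free right to publish or reproduce this article, or to allow others to do so, for government purposes only. {\textcopyright} 2019 Association for Computing Machinery.
0360-0300/2019/08-ART82 \$15.00 https://doi.org/10.1145/3337772 Publisher Copyright: {\textcopyright} 2019 Association for Computing Machinery.},
}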