TY - GEN
T1 - Manipulating Adversary’s Belief
T2 - 8th International Conference on Decision and Game Theory for Security, GameSec 2017
AU - Horák, Karel
AU - Zhu, Quanyan
AU - Bošanský, Branislav
N1 - Publisher Copyright:
© 2017, Springer International Publishing AG.
PY - 2017
Y1 - 2017
N2 - Due to the sophisticated nature of current computer systems, traditional defense measures, such as firewalls, malware scanners, and intrusion detection/prevention systems, have been found inadequate. These technological systems suffer from the fact that a sophisticated attacker can study them, identify their weaknesses and thus get an advantage over the defender. To prevent this from happening a proactive cyber defense is a new defense mechanism in which we strategically engage the attacker by using cyber deception techniques, and we influence his actions by creating and reinforcing his view of the computer system. We apply the cyber deception techniques in the field of network security and study the impact of the deception on attacker’s beliefs using the quantitative framework of the game theory. We account for the sequential nature of an attack and investigate how attacker’s belief evolves and influences his actions. We show how the defender should manipulate this belief to prevent the attacker from achieving his goals and thus minimize the damage inflicted to the network. To design a successful defense based on cyber deception, it is crucial to employ strategic thinking and account explicitly for attacker’s belief that he is being exposed to deceptive attempts. By doing so, we can make the deception more believable from the perspective of the attacker.
AB - Due to the sophisticated nature of current computer systems, traditional defense measures, such as firewalls, malware scanners, and intrusion detection/prevention systems, have been found inadequate. These technological systems suffer from the fact that a sophisticated attacker can study them, identify their weaknesses and thus get an advantage over the defender. To prevent this from happening a proactive cyber defense is a new defense mechanism in which we strategically engage the attacker by using cyber deception techniques, and we influence his actions by creating and reinforcing his view of the computer system. We apply the cyber deception techniques in the field of network security and study the impact of the deception on attacker’s beliefs using the quantitative framework of the game theory. We account for the sequential nature of an attack and investigate how attacker’s belief evolves and influences his actions. We show how the defender should manipulate this belief to prevent the attacker from achieving his goals and thus minimize the damage inflicted to the network. To design a successful defense based on cyber deception, it is crucial to employ strategic thinking and account explicitly for attacker’s belief that he is being exposed to deceptive attempts. By doing so, we can make the deception more believable from the perspective of the attacker.
UR - http://www.scopus.com/inward/record.url?scp=85032873787&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85032873787&partnerID=8YFLogxK
U2 - 10.1007/978-3-319-68711-7_15
DO - 10.1007/978-3-319-68711-7_15
M3 - Conference contribution
AN - SCOPUS:85032873787
SN - 9783319687100
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 273
EP - 294
BT - Decision and Game Theory for Security - 8th International Conference, GameSec 2017, Proceedings
A2 - Kiekintveld, Christopher
A2 - Schauer, Stefan
A2 - An, Bo
A2 - Rass, Stefan
A2 - Fang, Fei
PB - Springer Verlag
Y2 - 23 October 2017 through 25 October 2017
ER -