Dynamic Bayesian Games for Adversarial and Defensive Cyber Deception

Autonomous Cyber Deception

Abstract

Security challenges accompany efficiency. The pervasive integration of information and communications technologies (ICTs) makes cyber-physical systems vulnerable to targeted attacks that are deceptive, persistent, adaptive, and strategic. Attacks such as Stuxnet, Dyn, and the WannaCry ransomware have shown the insufficiency of off-the-shelf defensive methods, including firewalls and intrusion detection systems. Hence, it is essential to design up-to-date security mechanisms that can mitigate risks despite successful infiltration and the strategic response of sophisticated attackers.

In this chapter, we use game theory to model competitive interactions between defenders and attackers. First, we use the static Bayesian game to capture the stealthy and deceptive characteristics of the attacker. A random variable called the type characterizes users’ essences and objectives, e.g., a legitimate user or an attacker. The realization of the user’s type is private information due to cyber deception. Then, we extend the one-shot simultaneous interaction into a one-shot interaction with an asymmetric information structure, i.e., the signaling game. Finally, we investigate the multi-stage transition in a case study of Advanced Persistent Threats (APTs) and the Tennessee Eastman (TE) process. Two-sided incomplete information is introduced because the defender can adopt defensive deception techniques such as honeyfiles and honeypots to create a sufficient amount of uncertainty for the attacker. Throughout this chapter, the analysis of the Nash equilibrium (NE), Bayesian Nash equilibrium (BNE), and perfect Bayesian Nash equilibrium (PBNE) enables the policy prediction of the adversary and the design of proactive and strategic defenses to deter attackers and mitigate losses.

Change history

  • 01 February 2020

    This book was inadvertently published as an authored work with the chapter authors mentioned in the footnotes of the chapter opening pages. This has now been updated and the chapter authors have been mentioned in the respective chapter opening pages as mentioned below:

Corresponding author

Correspondence to Quanyan Zhu.

Copyright information

© 2019 Springer Nature Switzerland AG

About this chapter

Cite this chapter

Huang, L., Zhu, Q. (2019). Dynamic Bayesian Games for Adversarial and Defensive Cyber Deception. In: Al-Shaer, E., Wei, J., Hamlen, K., Wang, C. (eds) Autonomous Cyber Deception. Springer, Cham. https://doi.org/10.1007/978-3-030-02110-8_5

  • DOI: https://doi.org/10.1007/978-3-030-02110-8_5

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-02109-2

  • Online ISBN: 978-3-030-02110-8

  • eBook Packages: Computer Science, Computer Science (R0)
