Game Theory for Cyber Deception
From Theory to Applications
- 2021
- Book
- Written by: Jeffrey Pawlick, Quanyan Zhu
- Publisher: Springer International Publishing
About this book
This book introduces game theory as a means to conceptualize, model, and analyze cyber deception. Drawing upon a collection of deception research from the past 10 years, the authors develop a taxonomy of six species of defensive cyber deception. Three of these six species are highlighted in the context of emerging problems such as privacy against ubiquitous tracking in the Internet of things (IoT), dynamic honeynets for the observation of advanced persistent threats (APTs), and active defense against physical denial-of-service (PDoS) attacks. Because of its uniquely thorough treatment of cyber deception, this book will serve as a timely contribution and valuable resource in this active field.
The opening chapters introduce both cybersecurity in a manner suitable for game theorists and game theory as appropriate for cybersecurity professionals. Chapter Four then guides readers through the specific field of defensive cyber deception. A key feature of the remaining chapters is the development of a signaling game model for the species of leaky deception featured in honeypots and honeyfiles. This model is expanded to study interactions between multiple agents with varying abilities to detect deception.
Game Theory for Cyber Deception will appeal to advanced undergraduates, graduate students, and researchers interested in applying game theory to cybersecurity. It will also be of value to researchers and professionals working on cybersecurity who seek an introduction to game theory.
Table of Contents
- Frontmatter
- Fundamentals
  - Frontmatter
  - Chapter 1. Introduction
    Jeffrey Pawlick, Quanyan Zhu
    Abstract: In 2008, the National Academy of Engineering (NAE) included among its 14 Engineering Grand Challenges the objective to “secure cyberspace” [1]. Since that time, increased awareness of threats to cyberspace has helped spur private and public investment in cyberdefense. Yet in the past 10 years, cyberthreats have not only continued to exist, but have also developed new forms based on the evolution of new technologies. This book can be seen as an attempt to confront that reality.
  - Chapter 2. Nash and Stackelberg Games
    Jeffrey Pawlick, Quanyan Zhu
    Abstract: In this chapter, we give an introduction to several game-theoretic solution concepts that will be used in this book. The chapter starts by introducing matrix-form strategic games and the concept of Nash equilibrium. We then present extensive-form games and the concept of information sets. Stackelberg games are an important type of extensive-form games. This chapter introduces the structure of the game and the solution concept of Stackelberg equilibrium.
- Defensive Deception
  - Frontmatter
  - Chapter 4. A Taxonomy of Defensive Deception
    Jeffrey Pawlick, Quanyan Zhu
    Abstract: The game theory described in Chaps. 2 and 3 offers versatile possibilities for quantifying cyber deception. Yet specific game-theoretic models must be carefully chosen in order to model different types of deception. In this chapter, therefore, we propose a taxonomy that classifies deception into six categories. We then propose game-theoretic models that fittingly describe each category. Our analysis is based on both theoretical considerations and an empirical study of 25 recent articles in game theory for defensive cyber deception. The taxonomy provides a systematic foundation for understanding the three types of defensive deception that we study in Chaps. 5–7.
  - Chapter 5. Obfuscation
    Jeffrey Pawlick, Quanyan Zhu
    Abstract: As data ecosystems grow in size due to the IoT, researchers are developing obfuscation techniques that issue fake search engine queries, undermine location tracking algorithms, or evade government surveillance. These techniques raise two conflicts: one between each user and the machine learning algorithms which track the users, and one between the users themselves.
  - Chapter 6. Honey-X
    Jeffrey Pawlick, Quanyan Zhu
    Abstract: The previous chapter discussed obfuscation, in which the defender’s goal is to hide valuable information within noise. Obfuscation, in other words, is a species of crypsis (Sect. 4.3). But in other species of deception, the defender aims to create a specific false belief. This is called mimesis. The present chapter studies static mimesis, or, honey-x, which takes its name from technologies related to honeypots, honeytokens, etc.
  - Chapter 7. Attacker Engagement
    Jeffrey Pawlick, Quanyan Zhu
    Abstract: Advanced persistent threats (APTs) are multistage attacks that make use of social engineering and deception to give adversaries insider access to networked systems. Against APTs, active defense technologies create and exploit information asymmetry for defenders. If these active defenses are also dynamic, then we have the species of deception that Chap. 4 calls attacker engagement.
- Mitigation of Malicious Deception
  - Frontmatter
  - Chapter 8. Strategic Trust
    Jeffrey Pawlick, Quanyan Zhu
    Abstract: Because of threats to the IoT, agents in the network must decide whether to trust other possibly-malicious agents, i.e., must assess their reliability and dependability. Unfortunately, the dynamic and plug-n-play nature of the IoT makes reputation-based trust systems insufficient. Hence, this chapter develops a framework for predictive or strategic trust in which agents make decisions in view of the incentives of the agents with whom they are communicating.
  - Chapter 9. Active Crowd Defense
    Jeffrey Pawlick, Quanyan Zhu
    Abstract: This chapter studies an emerging cyberattack called a “physical” denial-of-service (PDoS) attack, in which devices in the Internet of things overflow the “physical bandwidth” of a cyber-physical system. In order to model active defense used against a PDoS attack, we develop a “Poisson signaling game,” a signaling game with an unknown number of receivers, which have varying abilities to detect deception. Equilibrium results indicate that (1) defenders can bound botnet activity and (2) legal approaches to security have only a limited effect, while active defense can decrease botnet activity arbitrarily.
- Challenges and Opportunities in Cyber Deception
  - Frontmatter
  - Chapter 10. Insights and Future Directions
    Jeffrey Pawlick, Quanyan Zhu
    Abstract: In this chapter, we attempt to go beyond a restatement of the content of the book. First, we consider the broader impacts of this research and the lessons learned during its completion. These insights are situated within the current state of cybersecurity research, and more importantly, within current societal challenges. Second, we outline an ambitious range of future research which could be carried out using this book as a foundation.
  - Chapter 11. Current Challenges in Cyber Deception
    Jeffrey Pawlick, Quanyan Zhu
    Abstract: While the previous chapter focused on insights and promising directions based upon the current book, this chapter examines challenges in cyber deception that are found more broadly in the existing literature. As a point of reference, we refer to the research works mentioned in Chap. 4. The literature discussed in Chap. 4 points towards four major challenges in cyber deception.
- Backmatter
- Title: Game Theory for Cyber Deception
- Written by: Jeffrey Pawlick, Quanyan Zhu
- Copyright year: 2021
- Electronic ISBN: 978-3-030-66065-9
- Print ISBN: 978-3-030-66064-2
- DOI: https://doi.org/10.1007/978-3-030-66065-9