Linked e-resources
Details
Table of Contents
Intro
Preface
Organization
Contents
Deception in Security
The Risk of Attacker Behavioral Learning: Can Attacker Fool Defender Under Uncertainty?
1 Introduction
2 Related Work
3 Background
4 Attacker Behavior Deception Under Uncertainty
4.1 A Polynomial-Time Deception Algorithm
4.2 Solution Quality Analysis
5 Defender Counter-Deception
5.1 Analyzing Attacker Deception Adaptation
5.2 Finding Optimal Defense Function HI Given Fixed I: Divide-and-Conquer
5.3 Completing the Proof of Theorem 3
6 Experimental Evaluation
7 Summary
References
Casino Rationale: Countering Attacker Deception in Zero-Sum Stackelberg Security Games of Bounded Rationality
1 Introduction
2 Related Work
3 Model and Preliminaries
4 Bounds and Analysis on Optimal Defender Behaviors
5 Generalized Multi-round Game of Deception
5.1 Single Round, No Deception
5.2 Single Round, Deception
5.3 Multi-round Game
6 Conclusion
A Proof of Lemma 3
References
Cyber Deception Against Zero-Day Attacks: A Game Theoretic Approach
1 Introduction
2 Related Work
2.1 Cyber Deception GT
2.2 Games on AG
2.3 Zero-Day
3 System Model
3.1 Defender Model
3.2 Attacker Model
3.3 Reward Function
4 Zero-Day Vulnerability Analysis
5 Zero-Day Mitigating Strategies
5.1 Impact-Based Mitigation (Alpha-Mitigation)
5.2 Capture-Based Mitigation (LP-Mitigation)
5.3 Critical Point Mitigation
6 Numerical Results
6.1 Experiment
6.2 Impact of Zero-Days Vulnerability
6.3 Mitigation
7 Conclusion
References
Planning and Learning in Dynamic Environments
On Almost-Sure Intention Deception Planning that Exploits Imperfect Observers
1 Introduction
2 Problem Formulation
3 Main Results
3.1 Nonrevealing Intention Deception Attack Planning Against Action-Visible Defender
3.2 Non-revealing Intention Deception Against Action-Invisible Defender
3.3 Complexity Analysis
4 Examples
4.1 Illustrative Examples
4.2 Intention Deception Planning Against a Security Monitoring System
5 Conclusion and Future Work
A Proof of Proposition 2 and the Construction of ASW Region and ASW Strategies
B Proof of Theorem 2
References
Using Deception in Markov Game to Understand Adversarial Behaviors Through a Capture-The-Flag Environment
1 Introduction
2 Background
2.1 Capture-The-Flag Setup
2.2 Vulnerabilities and Exploits
2.3 Defense Strategies and Analysis Tools
2.4 Attack Graph
2.5 Markov Game
3 Methodology
3.1 Hypotheses
3.2 User Study
3.3 Markov Game Modeling
4 Experimental Evaluation and Results
4.1 iCTF User Studies
4.2 Markov Game Strategy Evaluation
4.3 Discussion
5 Related Work
6 Conclusion and Future Work
References
Robust Moving Target Defense Against Unknown Attacks: A Meta-reinforcement Learning Approach
1 Introduction
2 The MTD Game Model
2.1 System Model
2.2 Threat Model
Preface
Organization
Contents
Deception in Security
The Risk of Attacker Behavioral Learning: Can Attacker Fool Defender Under Uncertainty?
1 Introduction
2 Related Work
3 Background
4 Attacker Behavior Deception Under Uncertainty
4.1 A Polynomial-Time Deception Algorithm
4.2 Solution Quality Analysis
5 Defender Counter-Deception
5.1 Analyzing Attacker Deception Adaptation
5.2 Finding Optimal Defense Function HI Given Fixed I: Divide-and-Conquer
5.3 Completing the Proof of Theorem 3
6 Experimental Evaluation
7 Summary
References
Casino Rationale: Countering Attacker Deception in Zero-Sum Stackelberg Security Games of Bounded Rationality
1 Introduction
2 Related Work
3 Model and Preliminaries
4 Bounds and Analysis on Optimal Defender Behaviors
5 Generalized Multi-round Game of Deception
5.1 Single Round, No Deception
5.2 Single Round, Deception
5.3 Multi-round Game
6 Conclusion
A Proof of Lemma 3
References
Cyber Deception Against Zero-Day Attacks: A Game Theoretic Approach
1 Introduction
2 Related Work
2.1 Cyber Deception GT
2.2 Games on AG
2.3 Zero-Day
3 System Model
3.1 Defender Model
3.2 Attacker Model
3.3 Reward Function
4 Zero-Day Vulnerability Analysis
5 Zero-Day Mitigating Strategies
5.1 Impact-Based Mitigation (Alpha-Mitigation)
5.2 Capture-Based Mitigation (LP-Mitigation)
5.3 Critical Point Mitigation
6 Numerical Results
6.1 Experiment
6.2 Impact of Zero-Days Vulnerability
6.3 Mitigation
7 Conclusion
References
Planning and Learning in Dynamic Environments
On Almost-Sure Intention Deception Planning that Exploits Imperfect Observers
1 Introduction
2 Problem Formulation
3 Main Results
3.1 Nonrevealing Intention Deception Attack Planning Against Action-Visible Defender
3.2 Non-revealing Intention Deception Against Action-Invisible Defender
3.3 Complexity Analysis
4 Examples
4.1 Illustrative Examples
4.2 Intention Deception Planning Against a Security Monitoring System
5 Conclusion and Future Work
A Proof of Proposition 2 and the Construction of ASW Region and ASW Strategies
B Proof of Theorem 2
References
Using Deception in Markov Game to Understand Adversarial Behaviors Through a Capture-The-Flag Environment
1 Introduction
2 Background
2.1 Capture-The-Flag Setup
2.2 Vulnerabilities and Exploits
2.3 Defense Strategies and Analysis Tools
2.4 Attack Graph
2.5 Markov Game
3 Methodology
3.1 Hypotheses
3.2 User Study
3.3 Markov Game Modeling
4 Experimental Evaluation and Results
4.1 iCTF User Studies
4.2 Markov Game Strategy Evaluation
4.3 Discussion
5 Related Work
6 Conclusion and Future Work
References
Robust Moving Target Defense Against Unknown Attacks: A Meta-reinforcement Learning Approach
1 Introduction
2 The MTD Game Model
2.1 System Model
2.2 Threat Model