A Game-Theoretic Analysis of Deception over Social Networks Using Fake Avatars

Mohammadi, Amin Malek; Manshaei, Mohammad Hossein; Moghaddam, Monireh Mohebbi; Zhu, Quanyan

doi:10.1007/978-3-319-47413-7_22

Cited by 16 publications

(16 citation statements)

References 20 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…In a follow-up study [53], the concept of artificial exposure has been improved as a signaling game framework that could probabilistically induce and make judgments to estimate evidence based on the sender type and transmitted message, thereby proving again that the concept is vulnerable to attackers who can analyze the signals. Mohammadi et al [54] have proposed a signaling game for identifying and deceiving external attackers using false defender avatars to optimize decoy strategies and alert thresholds. In that study, they defined the uncertainty of the judgment of the identity of the defender by the attacker who received signals from a real defender or a false defender avatar and considered the concept of insider authorization based on access control in the system architecture.…”

Section: Game-theoretic Defensive Deception With Non-mtdmentioning

confidence: 99%

SOD2G: A Study on a Social-Engineering Organizational Defensive Deception Game Framework through Optimization of Spatiotemporal MTD and Decoy Conflict

Seo

Kim

2021

Electronics

View full text Add to dashboard Cite

Existing moving target defense (MTD) and decoy systems are conceptually limited in avoiding and preventing attackers’ social-engineering real-time attacks by organization through either structural mutations or induction and isolation only using static traps. To overcome the practical limitations of existing MTD and decoy and to conduct a multi-stage deception decision-making in a real-time attack-defense competition, the current work presents a social-engineering organizational defensive deception game (SOD2G) as a framework, consi dering hierarchical topologies and fingerprint characteristics by organization. The present work proposed and applied deception concepts and zero-sum-based two-player game models as well as attacker and defender decision-making process based on deceivable organizational environments and vulnerability information. They were designed in consideration of limited organizational resources so that they could converge in the positive direction to secure organizational defender dominant share and optimal values of the defender deception formulated by both scenario and attribute. This framework could handle incomplete private information better than existing models and non-sequentially stratified, and also contributed to the configuration of the optimal defender deception strategy. As the experimental results, they could increase the deception efficiency within an organization by about 40% compared to existing models. Also, in the sensitivity analysis, the proposed MTD and decoy yielded improvements of at least 60% and 30% in deception efficiency, respectively, compared to the existing works.

show abstract

Section: Game-theoretic Defensive Deception With Non-mtdmentioning

confidence: 99%

SOD2G: A Study on a Social-Engineering Organizational Defensive Deception Game Framework through Optimization of Spatiotemporal MTD and Decoy Conflict

Seo

Kim

2021

Electronics

View full text Add to dashboard Cite

show abstract

“…9. Mohammadi et al [2016] use signaling games to model the use of fake avatars as a type of honey-x. The avatars observe suspicious or non-suspicious activity from other user accounts in the network, and must form a belief about whether the other users are legitimate accounts or compromised accounts.…”

Section: Honey-xmentioning

confidence: 99%

“…The authors derive a complete set of closed form solutions. Mohammadi et al [2016] use signaling games to model the decision processes of a fake avatar that is defending a social network from attack. Figure 9 depicts the model using the signaling game formulated in Fig.…”

Section: Honey-xmentioning

confidence: 99%

“…The avatar then decides whether to raise an alert. [Mohammadi et al 2016] is not a cheap-talk game, because raising an alert is assumed to be more costly than not raising an alert. But this extra cost of raising an alert applies regardless of the actual user type, so it does not take the form of a "lying cost," as is the case in [C ¸eker et al 2016].…”

Section: Honey-xmentioning

confidence: 99%

See 1 more Smart Citation

A Game-theoretic Taxonomy and Survey of Defensive Deception for Cybersecurity and Privacy

2019

Self Cite

View full text Add to dashboard Cite

Cyberattacks on both databases and critical infrastructure have threatened public and private sectors. Ubiquitous tracking and wearable computing have infringed upon privacy. Advocates and engineers have recently proposed using defensive deception as a means to leverage the information asymmetry typically enjoyed by attackers as a tool for defenders. The term deception, however, has been employed broadly and with a variety of meanings. In this paper, we survey 24 articles from 2008-2018 that use game theory to model defensive deception for cybersecurity and privacy. Then we propose a taxonomy that defines six types of deception: perturbation, moving target defense, obfuscation, mixing, honey-x, and attacker engagement. These types are delineated by their information structures, agents, actions, and duration: precisely concepts captured by game theory. Our aims are to rigorously define types of defensive deception, to capture a snapshot of the state of the literature, to provide a menu of models which can be used for applied research, and to identify promising areas for future work. Our taxonomy provides a systematic foundation for understanding different types of defensive deception commonly encountered in cybersecurity and privacy.

show abstract

“…The game-theoretic framework can be extended to reason about dynamical system properties and behavior traces. In [31], the authors formulate a deception with signaling game in networks in which the defender deploys a fake avatar for identification of the compromised internal user. In [32], the authors propose a selective and dynamic mechanism for counterfingerprinting.…”

Section: Signaling Games For Cybersecuritymentioning

confidence: 99%

Strategic Defense against Stealthy Link Flooding Attacks: A Signaling Game Approach

Aydeger¹,

Manshaei²,

Rahman³

et al. 2019

Preprint

Self Cite

View full text Add to dashboard Cite

With the increasing diversity of Distributed Denial-of-Service (DDoS) attacks, it is becoming extremely challenging to design a fully protected network. For instance, Stealthy Link Flooding Attack (SLFA) is a variant of DDoS attacks that strives to block access to a target area by flooding a small set of links, and it is shown that it can bypass traditional DDoS defense mechanisms. One potential solution to tackle such SLFAs is to apply Moving Target Defense (MTD) techniques in which network settings are dynamically changed to confuse/deceive attackers, thus making it highly expensive to launch a successful attack. However, since MTD comes with some overhead to the network, to find the best strategy (i.e., when and/or to what extent) of applying it has been a major challenge. The strategy is significantly influenced by the attacker's behavior that is often difficult to guess. In this work, we address the challenge of obtaining the optimal MTD strategy that effectively mitigates SLFAs while incurs a minimal overhead. We design the problem as a signaling game considering the network defender and the attacker as players. A belief function is established throughout the engagement of the attacker and the defender during this SLFA campaign, which is utilized to pick the best response/action for each player. We analyze the game model and derive a defense mechanism based on the equilibria of the game. We evaluate the technique on a Mininet-based network environment where an attacker is performing SLFAs and a defender applies MTD based on equilibria of the game. The results show that our signaling game-based dynamic defense mechanism can provide a similar level of protection against SLFAs like the extensive MTD solution, however, causing a significantly reduced overhead.

show abstract

A Game-Theoretic Analysis of Deception over Social Networks Using Fake Avatars

Cited by 16 publications

References 20 publications

SOD2G: A Study on a Social-Engineering Organizational Defensive Deception Game Framework through Optimization of Spatiotemporal MTD and Decoy Conflict

SOD2G: A Study on a Social-Engineering Organizational Defensive Deception Game Framework through Optimization of Spatiotemporal MTD and Decoy Conflict

A Game-theoretic Taxonomy and Survey of Defensive Deception for Cybersecurity and Privacy

Strategic Defense against Stealthy Link Flooding Attacks: A Signaling Game Approach

Contact Info

Product

Resources

About