A Hypergame Analysis for ErsatzPasswords

Gutierrez, Christopher; Almeshekah, Mohammed H.; Bagchi, Saurabh; Spafford, Eugene H.

doi:10.1007/978-3-319-99828-2_4

Cited by 4 publications

(2 citation statements)

References 9 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…A cyberdeception game can be formulated as a sequential game, (G, G A , G D ), where G is an original game and G A and G D are games perceived by an attacker and a defender, respectively [11]. When G = G A = G D , we obtain a conventional game as both players play the same game G. However, when the players play a hypergame with G A ̸ = G D , they view the game differently and take action accordingly [11,12,13]. To the best of our knowledge, no prior work has considered a cyberdeception hypergame dealing with multiple APT attackers.…”

Section: Introductionmentioning

confidence: 99%

Resisting Multiple Advanced Persistent Threats via Hypergame-Theoretic Defensive Deception

Wan

Cho

Zhu

et al. 2023

IEEE Trans. Netw. Serv. Manage.

View full text Add to dashboard Cite

Existing defensive deception (DD) approaches apply game theory, assuming that an attacker and defender play the same, full game with all possible strategies. However, in deceptive settings, players may have different beliefs about the game itself. Such structural uncertainty is not naturally handled in traditional game theory. In this work, we formulate an attackdefense hypergame where multiple advanced persistent threat (APT) attackers and a single defender play a repeated game with different perceptions. The hypergame model systematically evaluates how various DD strategies can defend proactively against APT attacks. We present an adaptive method to select an optimal defense strategy using hypergame theory for strategic defense as well as machine learning for adaptive defense. We conducted in-depth experiments to analyze the performance of the eight schemes including ours, baselines, and existing counterparts. We found the DD strategies showed their highest advantages when the hypergame and machine learning are considered in terms of reduced false positives and negatives of the NIDS, system lifetime, and players' perceived uncertainties and utilities. We also analyze the Hyper Nash Equilibrium of given hypergames and discuss the key findings and insights behind them.

show abstract

Section: Introductionmentioning

confidence: 99%

Resisting Multiple Advanced Persistent Threats via Hypergame-Theoretic Defensive Deception

Wan

Cho

Zhu

et al. 2023

IEEE Trans. Netw. Serv. Manage.

View full text Add to dashboard Cite

show abstract

“…Cyber conflicts can be divided into three kernels: misinterpretation, over-perception, and under-perception, which are the building blocks of modeling deception. These have been used in order to model the ErsatzPassword scheme, a security control that protects hashed passwords against brute force password-cracking [69]. The study delved into two techniques: triggering an alarm if an attacker uses a cracked password or redirecting the attacker to a honeynet.…”

Section: Optimisationmentioning

confidence: 99%

Computable Analysis and Game Theory: From Foundations to Applications

Crook

View full text Add to dashboard Cite

This body of research showcases several facets of the intersection between computer science and game theory. On the foundational side, we explore the obstructions to the computability of Nash equilibria in the setting of computable analysis. In particular, we study the Weihrauch degree of the problem of ﬁnding a Nash equilibrium for a multiplayer game in normal form. We conclude that the Weihrauch degree Nash for multiplayer games lies between AoUC∗[0,1] and AoUC⋄[0,1] (Theorem 5.3). As a slight detour, we also explore the demarcation between computable and non-computable computational problems pertaining to the veriﬁcation of machine learning. We demonstrate that many veriﬁcation questions are computable without the need to specify a machine learning framework (Section 7.2). As well as looking into the theory of learners, robustness and sparisty of training data. On the application side, we study the use of Hypergames in Cybersecurity. We look into cybersecurity AND/OR attack graphs and how we could turn them into a hypergame (8.1). Hyper Nash equilibria is not an ideal solution for these games, however, we propose a regret-minimisation based solution concept. In Section 8.2, we survey the area of Hypergames and their connection to cybersecurity, showing that even if there is a small overlap, the reach is limited. We suggest new research directions such as adaptive games, generalisation and transferability (Section 8.3).

show abstract

HoneyHash: Honeyword Generation Based on Transformed Hashes

Shi

Sun

2021

Secure IT Systems

View full text Add to dashboard Cite

A Hypergame Analysis for ErsatzPasswords

Cited by 4 publications

References 9 publications

Resisting Multiple Advanced Persistent Threats via Hypergame-Theoretic Defensive Deception

Resisting Multiple Advanced Persistent Threats via Hypergame-Theoretic Defensive Deception

Computable Analysis and Game Theory: From Foundations to Applications

HoneyHash: Honeyword Generation Based on Transformed Hashes

Contact Info

Product

Resources

About