Defensive Deception Based on Hyper Game Theory against Advanced Persistent Threats
DOI:
https://doi.org/10.32628/IJSRSET2512314Abstract
Defensive deception techniques have emerged as a promising proactive defense mechanism to mislead an attacker and thereby achieve attack failure. However, most game-theoretic defensive deception approaches have assumed that players maintain consistent views under uncertainty. They do not consider players’ possible, subjective beliefs formed due to a symmetric information given to them. In this work, we formulate a hyper game between an attacker and a defender where they can interpret the same game differently and accordingly choose their best strategy based on their respective beliefs. This gives a chance for defensive deception strategies to manipulate an attacker’s belief, which is the key to the attacker’s decision making. We consider advanced persistent threat (APT) attacks, which perform multiple attacks in the stages of the cyber killchain where both the attacker and the defender aim to select optimal strategies based on their beliefs. Through extensive simulation experiments, we demonstrated how effectively the defender can leverage defensive deception techniques while dealing with multi-staged APT attacks in a hypergame in which the imperfect information is reflected based on perceived uncertainty, cost, and expected utilities of both attacker and defender, the system lifetime (i.e., mean time tosecurity failure), and improved false positive rates indetecting attackers.
Downloads
References
“Commonvulnerabilityscoringsystem(CVSS).”[Online].Available: https://www.first.org/cvss/
Y.M.Aljefri,M.A.Bashar,L.Fang,andk.W.Hipel,“First-levelhypergame forinvestigatingmisperceptioninconflicts,”IEEETrans.Systems,Man,and Cybernetics: Systems, vol. 48, no. 12, pp. 2158–2175, 2017.
H.AlmeshekahandH.Spafford,“Cybersecuritydeception,” in Cyber Deception. Springer, 2016, pp. 25–52.
C. Bakker, A. Bhattacharya, S. Chatterjee, and D. L.Vrabie, “Learning and informationmanipulation:Repeatedhypergamesforcyber-physicalsecurity,” IEEE Control Systems Letters, vol. 4, no. 2, pp. 295–300, 2019.
P.G.Bennett,“Towardatheoryofhypergames,”Omega,vol.5,no.6,pp. 749–751, 1977.
E.BertinoandN.Islam,“BotnetsandInternetofThingssecurity,”Computer, vol. 50, no. 2, pp. 76–79, Feb. 2017.
M.Boussard,D.T.Bui,L.Ciavaglia,R.Douville,M.L.Pallec,N.L.Sauze, L.Noirie,S.Papillon,P.PelosoandF.Santoro,“Software-definedLANsfor interconnected smart environment,” in 2015 27th Int’l Teletraffic Congress, Sep. 2015, pp. 219–227.
U.Brandes,“Afasteralgorithmforbetweennesscentrality,”Jour.mathematical sociology, vol. 25, no. 2, pp.163–177, 2001.
J.W.Caddell,“Deception101-primerondeception,”DTICDocument,Tech. Rep., 2004.T. E. Carroll and D. Grosu, “A game theoretic investigation of deception in networksecurity,”SecurityandCommunicationNetworks,vol.4,no.10,pp. 1162–1172,2011.
W.Casey, A. Kellner, P. Memarmoshrefi, J. A. Morales,and B. Mishra, “Deception,identity,andsecurity:ThegametheoryofSybilattacks,”Comms. of the ACM, vol. 62, no. 1, pp. 85–93, 2018.
J.-H.Cho,M.Zhu,andM.P.Singh,ModelingandAnalysisofDeception GamesbasedonHypergameTheory.Cham,Switzerland:SpringerNature, 2019, ch. 4, pp.49–74.
K. Ferguson-Walter, S. Fugate, J. Mauger, and M. Major, “Game theory for adaptive defensivecyberdeception,”inProc.6thAnnualSymp.onHotTopicsintheScienceof Security. ACM, 2019, p. 4.
N.M.FraserandK.W.Hipel,ConflictAnalysis:ModelsandResolutions.North-Holland, 1984.
N.GargandD.Grosu,“Deceptioninhoneynets:Agame-theoreticanalysis,”inProc.IEEE Information Assurance and Security Workshop (IAW). IEEE, 2007, pp.107–113.
B. Gharesifard and J. Cort´es, “Evolution of the perception about the opponent in hypergames,”inProc.49thIEEEConf.DecisionandControl(CDC),Dec.2010,pp. 1076–1081.
“Evolutionofplayers’misperceptionsinhypergamesunderperfectobservations,”IEEE Trans. Automatic Control, vol. 57, no. 7, pp. 1627–1640, Jul. 2012.
I.GmbH.MindNode.[Online].Available:https://mindnode.com/
Jangid, J., & Malhotra, S. (2022). Optimizing software upgrades in optical transport networks: Challenges and best practices. Nanotechnology Perceptions, 18(2), 194–206. https://nano-ntp.com/index.php/nano/article/view/5169
Dixit, S. (2022). AI-powered risk modeling in quantum finance: Redefining enterprise decision systems. International Journal of Scientific Research in Science, Engineering and Technology, 9(4), 547–572. https://doi.org/10.32628/IJSRSET221656
J.Han,J.Pei,andM.Kamber,DataMining:ConceptsandTechniques.Elsevier, 2011.
J. T. House and G. Cybenko, “Hypergame theory applied to cyber attack and defense,” in Proc. SPIE Conf.Sensors, and Command, Control, Comms., and Intelligence (C3I) TechnologiesforHomelandSecurityandHomelandDefenseIX,vol.766604,May.2010.
T.Kanazawa, T. Ushio, and T. Yamasaki, “Replicator dynamics of evolutionary hypergames,” IEEE Trans.Systems, Man, and Cybernetics - Part A: Systems and Humans, vol. 37, no. 1, pp. 132–138, Jan. 2007.
N.S.Kovach,A.S.Gibson,andG.B.Lamont,“Hypergametheory:Amodelforconflict, misperception, and deception,” Game Theory, 2015, article ID 570639,20 pages.
K.Krombholz,H.Hobel,M.Huber,andE.Weippl,“Advancedsocialengineeringattacks,” Jour. Information Security and Applications, vol. 22, pp. 113–122, 2015.
Downloads
Published
Issue
Section
License
Copyright (c) 2025 International Journal of Scientific Research in Science, Engineering and Technology
This work is licensed under a Creative Commons Attribution 4.0 International License.
