Cyber Camouflage Games for Strategic Deception

Citation:

Omkar Thakoor, Milind Tambe, Phebe Vayanos, Haifeng Xu, Christopher Kiekintveld, and Fei Feng. 2019. “Cyber Camouflage Games for Strategic Deception.” In Conference on Decision and Game Theory for Security, 2019.

Abstract:

 The rapid increase in cybercrime, causing a reported annual economic
loss of $600 billion (Lewis, 2018), has prompted a critical need for effective cyber defense. Strategic criminals conduct network reconnaissance prior to executing attacks to avoid detection and establish situational awareness via scanning
and fingerprinting tools. Cyber deception attempts to foil these reconnaissance
efforts by camouflaging network and system attributes to disguise valuable information. Game-theoretic models can identify decisions about strategically deceiving attackers, subject to domain constraints. For effectively deploying an optimal
deceptive strategy, modeling the objectives and the abilities of the attackers, is a
key challenge. To address this challenge, we present Cyber Camouflage Games
(CCG), a general-sum game model that captures attackers which can be diversely
equipped and motivated. We show that computing the optimal defender strategy is
NP-hard even in the special case of unconstrained CCGs, and present an efficient
approximate solution for it. We further provide an MILP formulation accelerated
with cut-augmentation for the general constrained problem. Finally, we provide
experimental evidence that our solution methods are efficient and effective.
See also: 2019