A Probabilistic Logic of Cyber Deception.

We propose a Probabilistic Logic of Deception (PLD-Logic) and show that various computations are NP-hard. We model the attacker's state and show the effects of faked scan results. ... We develop a Naive-PLD algorithm and a Fast-PLD heuristic algorithm for the defender to use and show experimentally that the latter performs well in a fraction of the run-time of the former. ... grants W911NF1410358 and W911NF1310421, by ONR grants N000141512007, N000141612896, and N000141512742 (any opinions, findings, and conclusions or recommendations expressed in this material are those of ...

doi:10.1109/tifs.2017.2710945 fatcat:fmcmx5w6w5bthamuh4s56puoqy

Automated adversary emulation is becoming an indispensable tool of network security operators in testing and evaluating their cyber defenses. ... In this paper, we show that decoy generation can slow an automated agent's decision process, but that the degree to which it is inhibited is greatly dependent on the types of objects used. ... [22] define a probabilistic logic game between attacker and defender around a network scanning use case, where the defender must create fake network scan results to steer an attacker towards hosts which ...

arXiv:2104.10575v1 fatcat:ajvkqmekgve6ze5yo6eampcfjq

Open Access

We illustrate the effectiveness of the proposed methods using a cyber defense example. ... This paper studies the deployment of joint moving target defense (MTD) and deception against multi-stage cyberattacks. ... To the best of our knowledge, the combined effect of MTD and cyber deception has not been investigated in the literature. ...

arXiv:2210.07385v1 fatcat:shqwf45b4bdyrmezrtlwb2zexe

We demonstrate the correctness of our deceptive planning algorithm using robot motion planning examples with temporal logic objectives and design a detection mechanism to notify the agent of potential ... To synthesize a deceptive strategy, we introduce a class of hypergame models that capture the interaction between the agent and its adversary given asymmetric, incomplete information. ... We will also consider practical applications of the deceptive planning for security applications in cyber-physical systems. a probabilistic transition function defined as follows. ...

arXiv:2007.15726v1 fatcat:pl6kh7nz4jf47odj4sdfxsqley

In this paper, we introduce a formal reasoning system called the InCA (Intelligent Cyber Attribution) framework that is designed to aid an analyst in the attribution of a cyber-operation even when the ... Attributing a cyber-operation through the use of multiple pieces of technical evidence (i.e., malware reverse-engineering and source tracking) and conventional intelligence sources (i.e., human or signals ... Acknowledgments This work was supported by UK EPSRC grant EP/J008346/1 -"PrOQAW", ERC grant 246858 -"DIADEM", by NSF grant #1117761, by the National Security Agency under the Science of Security Lablet ...

doi:10.1007/978-3-319-14039-1_8 fatcat:ncb5tf4i7zaylaajupdxm5gqgu

into attacker actions, utilities of those actions, and ultimately decision points which cyber deception could thwart. ... This paper discusses methods for improving the realism and ecological validity of AI used for autonomous cyber defense by exploring the potential to use Inverse Reinforcement Learning (IRL) to gain insight ... Reward Modeling with IRL Deception can be leveraged as a cyber attack deterrent, but optimizing the placement and type of deception requires more than a "set and forget" deception policy. ...

arXiv:2109.00066v1 fatcat:to6ihgt6mvcmdo4tf6hv5qi6yq

The concepts of deception, counter-deception, and deception detection in the cyber-space domain have been the subject of little systematic analysis. ... , behavioral, or cognitive elements; these cyber-tactics are not mapped into the classic components of denial and deception tactics; there is no conventional terminology to describe the phenomenon of deception ... , and human frailty by Finding logically consistent resource-deception plans for defense in cyber-space Media selection for deceptive communication Renormalizable `deception' theory of weak interactions ...

dblp:journals/psychnology/StechHHB11 fatcat:xxmy5xgr5jfnlpm5uiwpglmrvm

DOAJ Szczepanski

framework called DeLP (Defeasible Logic Programming) designed to aid an analyst in attributing a cyber-attack. ... A major challenge in cyber-threat analysis is combining information from different sources to find the person or the group responsible for the cyber-attack. ... Machine learning approaches struggle in situations of deception, where similar attributes point towards multiple attackers-we propose to address this issue using a formal logical framework. ...

arXiv:1607.02171v1 fatcat:lhoyi4ivbzdrzkcbmz6rxboxui

In the article ''Event-triggered H ∞ filtering for networked systems under hybrid probability deception attacks,'' Lu et al. consider the deception attacks of wide concern in cyber-attacks and discuss ... Using the network aggregation approach, the stability of a largescale version of network pairing problem and the topological structure of large-scale probabilistic LNs are considered. ...

doi:10.1109/access.2021.3087971 fatcat:zxlj7vjlsjfifist4ivjm3qfmy

DOAJ

Our findings suggest that unpredictability yields promise as a new approach to deception in laboratory settings. ... In this article, we propose a novel method that aims to improve upon existing moving-target defences by making them unpredictably reactive using probabilistic decision-making. ... ACKNOWLEDGMENT This document is the results of a research project on automated network defences funded by the UK Defence Science and Technology Laboratory (DSTL). ...

doi:10.1145/3450973 fatcat:dhgrtsr3fzagtaofeulkimogz4

Finally, a case of threat analysis of Zeus attack is given to demonstrate our approach. ... Accordingly, the present study proposes a new method for solving threat analysis and risk assessment problem by means of an improved Attack-Defense Tree (ADT) scheme. ... (ii) absence of the defense metrics for probabilistic analysis to real cyber-attack cases. ...

dblp:journals/jihmsp/WangL14 fatcat:btfzxyfmbrd6hpbitvissd52ym

For a variety of purposes, deceptive and anti-deceptive technologies have been created. ... Defensive Deception tactics are beneficial at introducing uncertainty for adversaries, increasing their learning costs, and, as a result, lowering the likelihood of successful attacks. ... Cyber Deception is one of the major techniques in cyber defense research. ...

doi:10.3390/s22062194 pmid:35336373 pmcid:PMC8952217 fatcat:hgtvnjuzxfgudpa76fke433qhy

DOAJ

In this landscape, cyber deception emerges as a critical component of our defense strategy against increasingly sophisticated attacks. ... This chapter aims to highlight the pivotal role of game-theoretic models and foundation models (FMs) in analyzing, designing, and implementing cyber deception tactics. ... In [77] , a taxonomy of cyber deception games is developed to connect each deception scenario with a fundamental class of game-theoretic models. ...

arXiv:2403.10570v1 fatcat:afvz6rfipffzxix7v7jdmzzrxe

Open Access

Defensive deception is a promising approach for cyber defense. Via defensive deception, the defender can anticipate attacker actions; it can mislead or lure attacker, or hide real resources. ... Although defensive deception is increasingly popular in the research community, there has not been a systematic investigation of its key components, the underlying principles, and its tradeoffs in various ... The views and conclusions contained in this document are those of the authors and should not be interpreted as representing the official policies, either expressed or implied, of the Army Research Laboratory ...

arXiv:2101.10121v2 fatcat:ko2mzzvyerehnfxbwgeuz72ilu

Open Access Multiple Versions

We model cyber deception as a sequential decision-making problem in a two-agent context. ... This paper presents an intelligent and adaptive agent that employs deception to recognize a cyber adversary's intent. ... [12] develop probabilistic logic to model deception during network scanning. ...

arXiv:2007.09512v1 fatcat:jmdtsezrfzaopaxacmmss4jzvu

A Probabilistic Logic of Cyber Deception

Preserved Fulltext

Towards Causal Models for Adversary Distractions [article]

Preserved Fulltext

Synthesis of Proactive Sensor Placement In Probabilistic Attack Graphs [article]

Preserved Fulltext

Dynamic Hypergames for Synthesis of Deceptive Strategies with Temporal Logic Objectives [article]

Preserved Fulltext

Cyber Attribution: An Argumentation-Based Approach [chapter]

Preserved Fulltext

Informing Autonomous Deception Systems with Cyber Expert Performance Data [article]

Preserved Fulltext

Scientometrics of Deception, Counter-deception, and Deception Detection in Cyber-space

Preserved Fulltext

Argumentation Models for Cyber Attribution [article]

Preserved Fulltext

IEEE Access Special Section Editorial: Recent Advances on Hybrid Complex Networks: Analysis and Control

Preserved Fulltext

Deception in Network Defences Using Unpredictability

Preserved Fulltext

Threat Analysis of Cyber Attacks with Attack Tree+

Preserved Fulltext

Leveraging Computational Intelligence Techniques for Defensive Deception: A Review, Recent Advances, Open Problems and Future Directions

Preserved Fulltext

Symbiotic Game and Foundation Models for Cyber Deception Operations in Strategic Cyber Warfare [article]

Preserved Fulltext

Game-Theoretic and Machine Learning-based Approaches for Defensive Deception: A Survey [article]

Preserved Fulltext

Other Versions

Active Deception using Factored Interactive POMDPs to Recognize Cyber Attacker's Intent [article]

Preserved Fulltext