Deception-Based Mitigation of Cyber Threats Under Game and Prospect Theoretic Considerations
Recently, researchers and practitioners have started to investigate the use of deception for designing secure networks. Deception strategies can help reduce both the likelihood of an attacker’s success and the cost of defense compared with scenarios without deception. At the same time, attackers can adopt strategies that optimize against the deception strategies exhibited by a system, so the design of defense tactics must consider the strategic interactions between the system and the attacker. Moreover, these interactions can be influenced by the behavioral biases of both parties, which can stem from various factors such as limited availability of information and subjective perception of the uncertainties involved in decision making under risk. In this thesis, to defend a computation task against an attacker, a model is proposed that uses multiple computing devices to deceive an attacker into attacking an unused computing device, while the system deploys defense resources on certain nodes to lure attackers. The thesis uses Game Theory to model the strategic interactions between the system and the attacker, and Prospect Theory to model the behavioral biases that can make them deviate from rational behavior. Under such considerations, this thesis characterizes the Nash Equilibrium (NE) strategy for deception-based attack-defense, which defines how the system can strategically determine a device to perform a computation task while seeking to deceive an attacker into attacking an unused device. Further, this thesis proposes a technique called ‘deceptive routing’ that strategically advertises falsified routing information to mislead an attacker onto a path that leads toward a fake target in a network. The deception-based defense strategies presented in this thesis have applications in various adversarial scenarios, such as defending a certain target device in human-in-the-loop Internet-of-Battlefield-Things (IoBT).
Extensive simulation results are provided that show the performance advantages of the developed techniques and give important insights.
"Deception-Based Mitigation of Cyber Threats Under Game and Prospect Theoretic Considerations"
ETD Collection for Tennessee State University.