Manipulating Adversary’s Belief: A Dynamic Game Approach to Deception by Design for Proactive Network Security
The result's identifiers
Result code in IS VaVaI
<a href="https://www.isvavai.cz/riv?ss=detail&h=RIV%2F68407700%3A21230%2F17%3A00315206" target="_blank" >RIV/68407700:21230/17:00315206 - isvavai.cz</a>
Result on the web
<a href="https://link.springer.com/chapter/10.1007/978-3-319-68711-7_15" target="_blank" >https://link.springer.com/chapter/10.1007/978-3-319-68711-7_15</a>
DOI - Digital Object Identifier
<a href="http://dx.doi.org/10.1007/978-3-319-68711-7_15" target="_blank" >10.1007/978-3-319-68711-7_15</a>
Alternative languages
Result language
angličtina
Original language name
Manipulating Adversary’s Belief: A Dynamic Game Approach to Deception by Design for Proactive Network Security
Original language description
Due to the sophisticated nature of current computer systems, traditional defense measures, such as firewalls, malware scanners, and intrusion detection/prevention systems, have been found inadequate. These technological systems suffer from the fact that a sophisticated attacker can study them, identify their weaknesses and thus get an advantage over the defender. To prevent this from happening a proactive cyber defense is a new defense mechanism in which we strategically engage the attacker by using cyber deception techniques, and we influence his actions by creating and reinforcing his view of the computer system. We apply the cyber deception techniques in the field of network security and study the impact of the deception on attacker’s beliefs using the quantitative framework of the game theory. We account for the sequential nature of an attack and investigate how attacker’s belief evolves and influences his actions. We show how the defender should manipulate this belief to prevent the attacker from achieving his goals and thus minimize the damage inflicted to the network. To design a successful defense based on cyber deception, it is crucial to employ strategic thinking and account explicitly for attacker’s belief that he is being exposed to deceptive attempts. By doing so, we can make the deception more believable from the perspective of the attacker.
Czech name
—
Czech description
—
Classification
Type
D - Article in proceedings
CEP classification
—
OECD FORD branch
10201 - Computer sciences, information science, bioinformathics (hardware development to be 2.2, social aspect to be 5.8)
Result continuities
Project
<a href="/en/project/GA15-23235S" target="_blank" >GA15-23235S: Abstractions and Extensive-Form Games with Imperfect Recall</a><br>
Continuities
P - Projekt vyzkumu a vyvoje financovany z verejnych zdroju (s odkazem do CEP)
Others
Publication year
2017
Confidentiality
S - Úplné a pravdivé údaje o projektu nepodléhají ochraně podle zvláštních právních předpisů
Data specific for result type
Article name in the collection
Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
ISBN
978-3-319-68710-0
ISSN
0302-9743
e-ISSN
—
Number of pages
22
Pages from-to
273-294
Publisher name
Springer VDI Verlag
Place of publication
Düsseldorf
Event location
Vienna
Event date
Oct 23, 2017
Type of event by nationality
WRD - Celosvětová akce
UT code for WoS article
—