Game Theory for Cyber Deception: From Theory to Applications
Scribed by Jeffrey Pawlick, Quanyan Zhu
- Publisher: Birkhäuser
- Year: 2021
- Tongue: English
- Leaves: 192
- Series: Static & Dynamic Game Theory: Foundations & Applications
- Edition: 1
- Category: Library
Synopsis
This book introduces game theory as a means to conceptualize, model, and analyze cyber deception. Drawing upon a collection of deception research from the past 10 years, the authors develop a taxonomy of six species of defensive cyber deception. Three of these six species are highlighted in the context of emerging problems such as privacy against ubiquitous tracking in the Internet of things (IoT), dynamic honeynets for the observation of advanced persistent threats (APTs), and active defense against physical denial-of-service (PDoS) attacks. Because of its uniquely thorough treatment of cyber deception, this book will serve as a timely contribution and valuable resource in this active field.
The opening chapters introduce both cybersecurity in a manner suitable for game theorists and game theory as appropriate for cybersecurity professionals. Chapter Four then guides readers through the specific field of defensive cyber deception. A key feature of the remaining chapters is the development of a signaling game model for the species of leaky deception featured in honeypots and honeyfiles. This model is expanded to study interactions between multiple agents with varying abilities to detect deception.
Game Theory for Cyber Deception will appeal to advanced undergraduates, graduate students, and researchers interested in applying game theory to cybersecurity. It will also be of value to researchers and professionals working on cybersecurity who seek an introduction to game theory.
Table of Contents
Preface
Contents
Notation
Part I Fundamentals
1 Introduction
1.1 Cybersecurity
1.1.1 The Internet of Things
1.1.2 The IoT and Cyber-Physical Systems
1.1.3 Broad Features of the IoT/IoCT
1.2 Deception
1.2.1 Deception Across Disciplines
1.2.2 Defensive Deception in Cybersecurity and Privacy
1.3 Systems Sciences
1.3.1 Systems Science Methodology
1.3.2 Applications of Systems Sciences
1.4 Game Theory
1.5 Outline of the Book
2 Nash and Stackelberg Games
2.1 Zero-Sum Matrix Games
2.1.1 Pure Strategies
2.1.2 Mixed-Strategies
2.2 Nonzero-Sum Games
2.3 Extensive-Form Games
2.3.1 Representation Using Graphs
2.3.2 Information Sets
2.3.3 Behavioral Strategies
2.3.4 Perfect Equilibria
2.4 Stackelberg Games
2.4.1 Stackelberg Game with Non-unique Best Responses
2.5 Notes
3 Introduction to Incomplete Information
3.1 Bayesian Games
3.1.1 N-Person Bayesian Nash Equilibrium Problem
3.1.2 Two-Bidder Auction as an Example
3.2 Signaling Games
3.2.1 Signaling-Game Model
3.2.2 Signaling-Game Equilibrium Concept
3.3 Notes
Part II Defensive Deception
4 A Taxonomy of Defensive Deception
4.1 Introduction
4.2 Description of Existing Literature
4.2.1 Broad Clusters of Deception Techniques
4.2.2 Broad Modeling Trends
4.3 Taxonomy: Prescriptive Modeling Approach
4.3.1 Private Information
4.3.2 Actors
4.3.3 Actions
4.3.4 Duration
4.4 Taxonomy: Results
4.5 Looking Forward
4.6 Notes
5 Obfuscation
5.1 Introduction to Obfuscation
5.2 Model
5.2.1 Empirical Risk Minimization
5.2.2 Differential Privacy
5.2.3 Bi-level Game
5.2.4 Equilibrium Requirements
5.3 Mean-Field Game Analysis
5.4 Stackelberg Game
5.4.1 Status Quo Equilibrium
5.4.2 Equilibrium Outside of the Status Quo
5.4.3 Summary of Results
5.5 Discussion of Results
5.6 Related Work
6 Honey-X
6.1 Introduction to Honey-X
6.1.1 Signaling Games for Mimesis
6.1.2 Cost and Detection in Signaling Games
6.1.3 Model Overview
6.2 Model
6.2.1 Types, Messages, Evidence, Actions, and Beliefs
6.2.2 Utility Functions
6.2.3 Equilibrium Concept
6.3 Equilibrium Results
6.3.1 Prior Probability Regimes
6.3.2 Optimality Condition for S
6.3.3 Pooling PBNE
6.3.4 Partially Separating PBNE
6.4 Comparative Statics
6.4.1 Equilibrium Strategies Versus Detector Characteristics
6.4.2 Truth-Induction
6.4.3 Equilibrium Utility
6.5 Case Study
6.5.1 Motivation
6.5.2 Signaling and Detection
6.5.3 Model Description
6.5.4 Equilibrium Results
6.5.5 Numerical Experiments and Insights
6.6 Discussion of Results
6.7 Related Work
6.8 Derivations
6.8.1 Separating PBNE
6.8.2 Optimal Actions of R in Pooling PBNE
6.8.3 Optimal Actions of S in Pooling PBNE
6.8.4 Partially Separating Equilibria
6.8.5 Truth-Induction Proof
6.8.6 Robustness Proof
6.9 Notes
7 Attacker Engagement
7.1 Introduction to Attacker Engagement
7.1.1 Timing in Attacker Engagement
7.2 Problem Formulation
7.2.1 State Space $\mathbb{X}$
7.2.2 One-Stage Actions $\mathbb{A}$
7.2.3 Reward Function u
7.2.4 Transition Kernel q
7.2.5 Infinite-Horizon, Undiscounted Reward
7.3 Analysis and Results
7.3.1 Reduced Action Spaces
7.3.2 Value Function Structure
7.3.3 Value Function Threshold
7.3.4 Optimal Policy Function
7.4 Robustness Evaluation
7.4.1 Equilibrium Concept
7.4.2 Equilibrium Analysis
7.5 Simulation
7.6 Discussion of Results
7.7 Related Work
7.8 Derivations
7.8.1 Proof of Finite Expected Value
7.8.2 Derivation of Value Function and Optimal Policy
7.8.3 Derivation of k[ฯ] and ฯ
7.8.4 Derivation of barJฯ*(barTA)
7.9 Notes
Part III Mitigation of Malicious Deception
8 Strategic Trust
8.1 Strategic Trust for Mitigation of APTs
8.1.1 Advanced Persistent Threats in the Cloud-Enabled IoCT
8.1.2 Strategic Trust
8.1.3 Game-Theoretic iSTRICT Model
8.2 iSTRICT Overview
8.2.1 Cloud Layer
8.2.2 Communication Layer
8.2.3 Physical Layer
8.2.4 Coupling of the Cloud and Communication Layers
8.3 Detailed iSTRICT Model
8.3.1 Cloud Layer: FlipIt Game
8.3.2 Communication Layer: Signaling Game
8.3.3 Physical Layer: Optimal Control
8.3.4 Definition of Gestalt Nash Equilibrium
8.4 Equilibrium Analysis
8.4.1 Assumptions
8.4.2 GNE Existence Proof
8.4.3 Adaptive Algorithm
8.5 Application to Autonomous Vehicle Control
8.5.1 Autonomous Vehicle Security
8.5.2 Physical-Layer Implementation
8.5.3 Signaling Game Results
8.5.4 Results of the FlipIt Games
8.5.5 GNE for Different Parameters
8.6 Discussion of Results
8.7 Related Work
8.8 Notes
9 Active Crowd Defense
9.1 Active Defense Against PDoS Attacks
9.1.1 Modeling the PDoS Recruitment Stage
9.2 Signaling Games and Poisson Games
9.2.1 Signaling Games with Evidence
9.2.2 Poisson Games
9.3 Poisson Signaling Games
9.3.1 Types, Actions, and Evidence, and Utility
9.3.2 Mixed-Strategies and Expected Utility
9.3.3 Perfect Bayesian Nash Equilibrium
9.4 Application of PSG to PDoS
9.4.1 Messages, Evidence Thresholds, and Actions
9.4.2 Characteristics of PDoS Utility Functions
9.4.3 Modeling the Physical Impact of PDoS Attacks
9.5 Equilibrium Analysis
9.5.1 PSG Parameter Regime
9.5.2 Equilibrium Strategies
9.6 Mechanism Design
9.6.1 Legislating Basic Security
9.6.2 Incentivizing Active Defense
9.7 Discussion of Results
9.8 Related Work
9.9 Derivations
9.9.1 Simplified Sender Expected Utility
9.9.2 Proof of Theorem 9.3
9.10 Notes
Part IV Challenges and Opportunities in Cyber Deception
10 Insights and Future Directions
10.1 Broader Insights
10.2 Future Directions
11 Current Challenges in Cyber Deception
11.1 Open Problems in Existing Literature
11.1.1 Mimesis
11.1.2 Theoretical Advances
11.1.3 Practical Implementations
11.1.4 Interdisciplinary Security
11.2 Closing Remarks
Appendix References
Index