An important way cyber adversaries find vulnerabilities in modern networks is through reconnaissance, in which they attempt to identify configuration specifics of network hosts. To increase uncertainty of adversarial reconnaissance, the network administrator (henceforth, defender) can introduce deception into responses to network scans, such as obscuring certain system characteristics. We introduce a novel game-theoretic model of deceptive interactions of this kind between a defender and a cyber attacker, which we call the Cyber Deception Game. We consider both a powerful (rational) attacker, who is aware of the defender's exact deception strategy, and a naive attacker who is not. We show that computing the optimal deception strategy is NP-...
Allocating resources to defend targets from attack is often complicated by uncertainty about the att...
Honeypots are fundamentally means to detect adversary probing and to observe their tactics, techniqu...
Increasingly, more administrators (defenders) are using defense strategies with deception such as ho...
An important way cyber adversaries find vulnerabilities in modern networks is through reconnaissance...
Recently, researchers and practitioners have started to investigate the use of deception for designi...
In this day and age, adversaries in the cybersecurity space have become alarmingly capable of identi...
Traditional cyber security techniques have led to an asymmetric disadvantage for defenders. The defe...
In this day and age, adversaries in the cybersecurity space have become alarmingly capable of identi...
2018-10-24Protecting an organization’s cyber assets from intrusions and breaches due to attacks by m...
This paper studies defender patrol deception in general Stackelberg security games (SSGs), where a d...
An increasingly important tool for securing computer networks is the use of deceptive decoy objects ...
Entities of physical presence have always been susceptible to attacks. Entities of online presence a...
The increased reliance on the Internet has made information and communication systems more vulnerabl...
My research addresses the problem faced by a defender who must screen objects for potential threats ...
Computer network attackers currently benefit from an asymmetric advantage, leveraging both features ...
Allocating resources to defend targets from attack is often complicated by uncertainty about the att...
Honeypots are fundamentally means to detect adversary probing and to observe their tactics, techniqu...
Increasingly, more administrators (defenders) are using defense strategies with deception such as ho...
An important way cyber adversaries find vulnerabilities in modern networks is through reconnaissance...
Recently, researchers and practitioners have started to investigate the use of deception for designi...
In this day and age, adversaries in the cybersecurity space have become alarmingly capable of identi...
Traditional cyber security techniques have led to an asymmetric disadvantage for defenders. The defe...
In this day and age, adversaries in the cybersecurity space have become alarmingly capable of identi...
2018-10-24Protecting an organization’s cyber assets from intrusions and breaches due to attacks by m...
This paper studies defender patrol deception in general Stackelberg security games (SSGs), where a d...
An increasingly important tool for securing computer networks is the use of deceptive decoy objects ...
Entities of physical presence have always been susceptible to attacks. Entities of online presence a...
The increased reliance on the Internet has made information and communication systems more vulnerabl...
My research addresses the problem faced by a defender who must screen objects for potential threats ...
Computer network attackers currently benefit from an asymmetric advantage, leveraging both features ...
Allocating resources to defend targets from attack is often complicated by uncertainty about the att...
Honeypots are fundamentally means to detect adversary probing and to observe their tactics, techniqu...
Increasingly, more administrators (defenders) are using defense strategies with deception such as ho...