TY - GEN
T1 - Learning Generative Deception Strategies in Combinatorial Masking Games
AU - Wu, Junlin
AU - Kamhoua, Charles
AU - Kantarcioglu, Murat
AU - Vorobeychik, Yevgeniy
N1 - Publisher Copyright:
© 2021, Springer Nature Switzerland AG.
PY - 2021
Y1 - 2021
N2 - Deception is a crucial tool in the cyberdefence repertoire, enabling defenders to leverage their informational advantage to reduce the likelihood of successful attacks. One way deception can be employed is through obscuring, or masking, some of the information about how systems are configured, increasing attacker’s uncertainty about their targets. We present a novel game-theoretic model of the resulting defender-attacker interaction, where the defender chooses a subset of attributes to mask, while the attacker responds by choosing an exploit to execute. The strategies of both players have combinatorial structure with complex informational dependencies, and therefore even representing these strategies is not trivial. First, we show that the problem of computing an equilibrium of the resulting zero-sum defender-attacker game can be represented as a linear program with a combinatorial number of system configuration variables and constraints, and develop a constraint generation approach for solving this problem. Next, we present a novel highly scalable approach for approximately solving such games by representing the strategies of both players as neural networks. The key idea is to represent the defender’s mixed strategy using a deep neural network generator, and then using alternating gradient-descent-ascent algorithm, analogous to the training of Generative Adversarial Networks. Our experiments, as well as a case study, demonstrate the efficacy of the proposed approach.
AB - Deception is a crucial tool in the cyberdefence repertoire, enabling defenders to leverage their informational advantage to reduce the likelihood of successful attacks. One way deception can be employed is through obscuring, or masking, some of the information about how systems are configured, increasing attacker’s uncertainty about their targets. We present a novel game-theoretic model of the resulting defender-attacker interaction, where the defender chooses a subset of attributes to mask, while the attacker responds by choosing an exploit to execute. The strategies of both players have combinatorial structure with complex informational dependencies, and therefore even representing these strategies is not trivial. First, we show that the problem of computing an equilibrium of the resulting zero-sum defender-attacker game can be represented as a linear program with a combinatorial number of system configuration variables and constraints, and develop a constraint generation approach for solving this problem. Next, we present a novel highly scalable approach for approximately solving such games by representing the strategies of both players as neural networks. The key idea is to represent the defender’s mixed strategy using a deep neural network generator, and then using alternating gradient-descent-ascent algorithm, analogous to the training of Generative Adversarial Networks. Our experiments, as well as a case study, demonstrate the efficacy of the proposed approach.
KW - Deception games
KW - Generative adversarial networks
KW - Masking strategies
UR - https://www.scopus.com/pages/publications/85119332744
U2 - 10.1007/978-3-030-90370-1_6
DO - 10.1007/978-3-030-90370-1_6
M3 - Conference contribution
AN - SCOPUS:85119332744
SN - 9783030903695
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 98
EP - 117
BT - Decision and Game Theory for Security - 12th International Conference, GameSec 2021, Proceedings
A2 - Bošanský, Branislav
A2 - Gonzalez, Cleotilde
A2 - Rass, Stefan
A2 - Rass, Stefan
A2 - Sinha, Arunesh
PB - Springer Science and Business Media Deutschland GmbH
T2 - 12th International Conference on Decision and Game Theory for Security, GameSec 2021
Y2 - 25 October 2021 through 27 October 2021
ER -