Game-Theoretic Analysis of Cyber Deception: Evidence-Based Strategies and Dynamic Risk Mitigation

Abstract: Deception is a technique to mislead human or computer systems by manipulating beliefs and information. For the applications of cyber deception, non-cooperative games become a natural choice of models to capture the adversarial interactions between the players and quantitatively characterizes the conflicting incentives and strategic responses. In this chapter, we provide an overview of deception games in three different environments and extend the baseline signaling game models to include evidence through side-channel knowledge acquisition to capture the information asymmetry, dynamics, and strategic behaviors of deception. We analyze the deception in binary information space based on a signaling game framework with a detector that gives off probabilistic evidence of the deception when the sender acts deceptively. We then focus on a class of continuous one-dimensional information space and take into account the cost of deception in the signaling game. We finally explore the multi-stage incomplete-information Bayesian game model for defensive deception for advanced persistent threats (APTs). We use the perfect Bayesian Nash equilibrium (PBNE) as the solution concept for the deception games and analyze the strategic equilibrium behaviors for both the deceivers and the deceivees.