Game Theory for Cyber Deception

This book introduces game theory as a means to conceptualize, model, and analyze cyber deception. Drawing upon a collection of deception research from the past 10 years, the authors develop a taxonomy of six species of defensive cyber deception. Three of these six species are highlighted in the context of emerging problems such as privacy against ubiquitous tracking in the Internet of things (IoT), dynamic honeynets for the observation of advanced persistent threats (APTs), and active defense against physical denial-of-service (PDoS) attacks. Because of its uniquely thorough treatment of cyber deception, this book will serve as a timely contribution and valuable resource in this active field. The opening chapters introduce both cybersecurity in a manner suitable for game theorists and game theory as appropriate for cybersecurity professionals. Chapter Four then guides readers through the specific field of defensive cyber deception. A key feature of the remaining chapters is the development of a signaling game model for the species of leaky deception featured in honeypots and honeyfiles. This model is expanded to study interactions between multiple agents with varying abilities to detect deception. Game Theory for Cyber Deception will appeal to advanced undergraduates, graduate students, and researchers interested in applying game theory to cybersecurity. It will also be of value to researchers and professionals working on cybersecurity who seek an introduction to game theory.

Introduces game theory as a means to conceptualize, analyze, and model cyber deception Develops a thorough game-theoretic taxonomy to identify and investigate emerging problems in cybersecurity Includes a broad range of game-theoretic models, such as large-population games and games of incomplete information

Inhalt
Part I Fundamentals.- Introduction.- Nash and Stackelberg Games.- Introduction to Incomplete Information.- Part II Defensive Deception.- A Taxonomy of Defensive Deception.- Obfuscation.- Honey-X.- Attacker Engagement.- Part III Mitigation of Malicious Deception.- Strategic Trust.- Active Crowd Defense.- Part IV Challenges and Opportunities in Cyber Deception.- Insights and Future Directions.- Current Challenges in Cyber Deception.