A Differentially Private Game Theoretic Approach for Deceiving Cyber Adversaries
This work addresses cyber security challenges for network defenders by providing a more robust deception method, though it appears incremental as it builds on existing game theory and differential privacy concepts.
The paper tackles the problem of cyber deception by addressing limitations in existing approaches, such as fixed system numbers and simplified attacker strategies, proposing a differentially private game theoretic method that reduces security impacts from dynamic system changes and resists attacks regardless of attacker power, with experimental results showing effectiveness.
Cyber deception is one of the key approaches used to mislead attackers by hiding or providing inaccurate system information. There are two main factors limiting the real-world application of existing cyber deception approaches. The first limitation is that the number of systems in a network is assumed to be fixed. However, in the real world, the number of systems may be dynamically changed. The second limitation is that attackers' strategies are simplified in the literature. However, in the real world, attackers may be more powerful than theory suggests. To overcome these two limitations, we propose a novel differentially private game theoretic approach to cyber deception. In this proposed approach, a defender adopts differential privacy mechanisms to strategically change the number of systems and obfuscate the configurations of systems, while an attacker adopts a Bayesian inference approach to infer the real configurations of systems. By using the differential privacy technique, the proposed approach can 1) reduce the impacts on network security resulting from changes in the number of systems and 2) resist attacks regardless of attackers' reasoning power. The experimental results demonstrate the effectiveness of the proposed approach.