Game Theory on Attack Graph for Cyber Deception

Abstract

Game Theory provides a set of tools and a framework suitable to study security problems. In this paper, a class of games is developed to study cyber deception and the interactions between the network defender who is deceiving an adversary to mitigate the damage of the attack. In order to capture network topology, each game is played over an attack graph that can be generated according to the vulnerabilities associated with each node. The defender’s goal is to take deceptive actions to prevent the attacker from taking control over the network resources exploiting the incomplete information of the attacker regarding the deceptive network gained through the attack reconnaissance stage. To this end, we present several games such as normal form static, dynamic, hypergame, and a partially observable stochastic game (POSG) to study the game dynamics at different information structures. For the most general class of games, (i.e., POSG), we provide multiple solution approaches to overcome the intractability of the game model and finally present numerical result samples to show the effectiveness of each solution approach.