{"title":"Modeling the effects of amount and timing of deception in simulated network scenarios","authors":"Palvi Aggarwal, Cleotilde González, V. Dutt","doi":"10.1109/CyberSA.2017.8073405","DOIUrl":null,"url":null,"abstract":"With the growth of digital infrastructure, cyber-attacks are increasing in the real-world. Cyber-attacks are deliberate exploitation of computer systems, technology-dependent enterprises, and networks. Deception, i.e., the act of making someone believe in something that is not true, could be a way of countering cyber-attacks. In this paper, we propose a real-time simulation environment (“Deception Game”), which we used to evaluate and model the decision making of hackers in the presence of deception. In an experiment, using a repeated Deception Game (N = 100 participants), we analyzed the effect of two factors on participants' decisions to attack a computer network: amount of deception used and the timing of deception. Across 10-attack trials, the amount of deception used was manipulated at 2-levels: low and high. The timing of deception was manipulated at 2-levels: early and late. Results revealed that using late and high deception caused a reduction in attacks on regular webserver compared to early and low deception. Furthermore, we developed a cognitive model of hacker's decision-making using Instance-Based Learning (IBL) Theory, a theory of decisions from experience. The parameters obtained from the model helped explain the reasons for our experimental results.","PeriodicalId":365296,"journal":{"name":"2017 International Conference On Cyber Situational Awareness, Data Analytics And Assessment (Cyber SA)","volume":null,"pages":null},"PeriodicalIF":0.0000,"publicationDate":"2017-06-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"11","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2017 International Conference On Cyber Situational Awareness, Data Analytics And Assessment (Cyber SA)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/CyberSA.2017.8073405","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 11
Abstract
With the growth of digital infrastructure, cyber-attacks are increasing in the real-world. Cyber-attacks are deliberate exploitation of computer systems, technology-dependent enterprises, and networks. Deception, i.e., the act of making someone believe in something that is not true, could be a way of countering cyber-attacks. In this paper, we propose a real-time simulation environment (“Deception Game”), which we used to evaluate and model the decision making of hackers in the presence of deception. In an experiment, using a repeated Deception Game (N = 100 participants), we analyzed the effect of two factors on participants' decisions to attack a computer network: amount of deception used and the timing of deception. Across 10-attack trials, the amount of deception used was manipulated at 2-levels: low and high. The timing of deception was manipulated at 2-levels: early and late. Results revealed that using late and high deception caused a reduction in attacks on regular webserver compared to early and low deception. Furthermore, we developed a cognitive model of hacker's decision-making using Instance-Based Learning (IBL) Theory, a theory of decisions from experience. The parameters obtained from the model helped explain the reasons for our experimental results.