{"title":"模拟网络场景中欺骗数量和时间的影响","authors":"Palvi Aggarwal, Cleotilde González, V. Dutt","doi":"10.1109/CyberSA.2017.8073405","DOIUrl":null,"url":null,"abstract":"With the growth of digital infrastructure, cyber-attacks are increasing in the real-world. Cyber-attacks are deliberate exploitation of computer systems, technology-dependent enterprises, and networks. Deception, i.e., the act of making someone believe in something that is not true, could be a way of countering cyber-attacks. In this paper, we propose a real-time simulation environment (“Deception Game”), which we used to evaluate and model the decision making of hackers in the presence of deception. In an experiment, using a repeated Deception Game (N = 100 participants), we analyzed the effect of two factors on participants' decisions to attack a computer network: amount of deception used and the timing of deception. Across 10-attack trials, the amount of deception used was manipulated at 2-levels: low and high. The timing of deception was manipulated at 2-levels: early and late. Results revealed that using late and high deception caused a reduction in attacks on regular webserver compared to early and low deception. Furthermore, we developed a cognitive model of hacker's decision-making using Instance-Based Learning (IBL) Theory, a theory of decisions from experience. The parameters obtained from the model helped explain the reasons for our experimental results.","PeriodicalId":365296,"journal":{"name":"2017 International Conference On Cyber Situational Awareness, Data Analytics And Assessment (Cyber SA)","volume":"32 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2017-06-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"11","resultStr":"{\"title\":\"Modeling the effects of amount and timing of deception in simulated network scenarios\",\"authors\":\"Palvi Aggarwal, Cleotilde González, V. Dutt\",\"doi\":\"10.1109/CyberSA.2017.8073405\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"With the growth of digital infrastructure, cyber-attacks are increasing in the real-world. Cyber-attacks are deliberate exploitation of computer systems, technology-dependent enterprises, and networks. Deception, i.e., the act of making someone believe in something that is not true, could be a way of countering cyber-attacks. In this paper, we propose a real-time simulation environment (“Deception Game”), which we used to evaluate and model the decision making of hackers in the presence of deception. In an experiment, using a repeated Deception Game (N = 100 participants), we analyzed the effect of two factors on participants' decisions to attack a computer network: amount of deception used and the timing of deception. Across 10-attack trials, the amount of deception used was manipulated at 2-levels: low and high. The timing of deception was manipulated at 2-levels: early and late. Results revealed that using late and high deception caused a reduction in attacks on regular webserver compared to early and low deception. Furthermore, we developed a cognitive model of hacker's decision-making using Instance-Based Learning (IBL) Theory, a theory of decisions from experience. The parameters obtained from the model helped explain the reasons for our experimental results.\",\"PeriodicalId\":365296,\"journal\":{\"name\":\"2017 International Conference On Cyber Situational Awareness, Data Analytics And Assessment (Cyber SA)\",\"volume\":\"32 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2017-06-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"11\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2017 International Conference On Cyber Situational Awareness, Data Analytics And Assessment (Cyber SA)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/CyberSA.2017.8073405\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2017 International Conference On Cyber Situational Awareness, Data Analytics And Assessment (Cyber SA)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/CyberSA.2017.8073405","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Modeling the effects of amount and timing of deception in simulated network scenarios
With the growth of digital infrastructure, cyber-attacks are increasing in the real-world. Cyber-attacks are deliberate exploitation of computer systems, technology-dependent enterprises, and networks. Deception, i.e., the act of making someone believe in something that is not true, could be a way of countering cyber-attacks. In this paper, we propose a real-time simulation environment (“Deception Game”), which we used to evaluate and model the decision making of hackers in the presence of deception. In an experiment, using a repeated Deception Game (N = 100 participants), we analyzed the effect of two factors on participants' decisions to attack a computer network: amount of deception used and the timing of deception. Across 10-attack trials, the amount of deception used was manipulated at 2-levels: low and high. The timing of deception was manipulated at 2-levels: early and late. Results revealed that using late and high deception caused a reduction in attacks on regular webserver compared to early and low deception. Furthermore, we developed a cognitive model of hacker's decision-making using Instance-Based Learning (IBL) Theory, a theory of decisions from experience. The parameters obtained from the model helped explain the reasons for our experimental results.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
