A Differentially Private Game Theoretic Approach for Deceiving Cyber Adversaries

TL;DR

This paper introduces a game theoretic method using differential privacy to enhance cyber deception, allowing dynamic system changes and resisting powerful attackers, with proven effectiveness in experiments.

Contribution

It presents a novel differentially private game theoretic framework for cyber deception that addresses dynamic network sizes and sophisticated attacker strategies.

Findings

Reduces security risks from network changes

Resists attackers with advanced inference capabilities

Demonstrates effectiveness through experiments

Abstract

Cyber deception is one of the key approaches used to mislead attackers by hiding or providing inaccurate system information. There are two main factors limiting the real-world application of existing cyber deception approaches. The first limitation is that the number of systems in a network is assumed to be fixed. However, in the real world, the number of systems may be dynamically changed. The second limitation is that attackers' strategies are simplified in the literature. However, in the real world, attackers may be more powerful than theory suggests. To overcome these two limitations, we propose a novel differentially private game theoretic approach to cyber deception. In this proposed approach, a defender adopts differential privacy mechanisms to strategically change the number of systems and obfuscate the configurations of systems, while an attacker adopts a Bayesian inference approach to infer the real configurations of systems. By using the differential privacy technique, the proposed approach can 1) reduce the impacts on network security resulting from changes in the number of systems and 2) resist attacks regardless of attackers' reasoning power. The experimental results demonstrate the effectiveness of the proposed approach.