Imitative Follower Deception in Stackelberg Games

Information uncertainty is one of the major challenges facing applications of game theory. In the context of Stackelberg games, various approaches have been proposed to deal with the leader's incomplete knowledge about the follower's payoffs, typically by gathering information from the leader's interaction with the follower. Unfortunately, these approaches rely crucially on the assumption that the follower will not strategically exploit this information asymmetry, i.e., the follower behaves truthfully during the interaction according to their actual payoffs. As we show in this paper, the follower may have strong incentives to deceitfully imitate the behavior of a different follower type and, in doing this, benefit significantly from inducing the leader into choosing a highly suboptimal strategy. This raises a fundamental question: how to design a leader strategy in the presence of a deceitful follower? To answer this question, we put forward a basic model of Stackelberg games with (imitative) follower deception and show that the leader is indeed able to reduce the loss due to follower deception with carefully designed policies. We then provide a systematic study of the problem of computing the optimal leader policy and draw a relatively complete picture of the complexity landscape; essentially matching positive and negative complexity results are provided for natural variants of the model. Our intractability results are in sharp contrast to the situation with no deception, where the leader's optimal strategy can be computed in polynomial time, and thus illustrate the intrinsic difficulty of handling follower deception. Through simulations we also examine the benefit of considering follower deception in randomly generated games

Markov Decision Process for Modeling Social Engineering Attacks and Finding Optimal Attack Strategies

It is important to comprehend the attacker\u27s behavior and capacity in order to build a stronger fortress and thus be able to protect valuable assets more effectively. Prior to launching technical and physical attacks, an attacker may enter the reconnaissance stage and gather sensitive information. To collect such valuable data, one of the most effective approaches is through conducting social engineering attacks, borrowing techniques from deception theory. As a result, it is of utmost importance to understand when an attacker behaves truthfully and when the attacker opts to be deceitful. This paper models attacker\u27s states using the Markov Decision Process (MDP) and studies the attacker\u27s decision for launching deception attacks in terms of cooperation and deception costs. The study is performed through MDP modeling, where the states of attackers are modeled along with the permissible actions that can be taken. We found that the optimal policy regarding being deceitful or truthful depends on the cost associated with deception and how much the attacker can afford to take the risk of launching deception attacks. More specifically, we observed that when the cost of cooperation is low (e.g., 10%), by taking MDP optimal policy, the attacker cooperates with the victim as much as possible in order to gain their trust; whereas, when the cost of cooperation is high (e.g., 50%), the attacker takes deceptive action earlier in order to minimize the cost of interactions while maximizing the impact of the attack. We report four case studies and simulations through which we demonstrate the trade-off between cooperative and deceptive actions in accordance with their costs to attackers

Experimental Case Studies for Investigating E-Banking Phishing Techniques and Attack Strategies

Phishing is a form of electronic identity theft in which a combination of social engineering and web site spoofing techniques are used to trick a user into revealing confidential information with economic value. The problem of social engineering attack is that there is no single solution to eliminate it completely, since it deals largely with the human factor. This is why implementing empirical experiments is very crucial in order to study and to analyze all malicious and deceiving phishing website attack techniques and strategies. In this paper, three different kinds of phishing experiment case studies have been conducted to shed some light into social engineering attacks, such as phone phishing and phishing website attacks for designing effective countermeasures and analyzing the efficiency of performing security awareness about phishing threats. Results and reactions to our experiments show the importance of conducting phishing training awareness for all users and doubling our efforts in developing phishing prevention techniques. Results also suggest that traditional standard security phishing factor indicators are not always effective for detecting phishing websites, and alternative intelligent phishing detection approaches are needed

Exploring Online Fraudsters’ Decision-Making Processes

A growing body of evidence suggests the situational context influences the social engineer (SE) characteristics and tactics offenders (i.e., fraudsters) deploy during the development of an online fraud event. Several attempts have been made to examine online the macro-social development of an online fraud event. Nevertheless, macro-level social examinations have been largely unsuccessful in combating online fraud because offenders and victims, including offender victims, are not computers; therefore, offenders’ interactions, motives, and tactics are very difficult to surmise. To address online fraud, three independent studies were conducted to explore what is known about online fraudsters and investigate what is not accounted. Specifically, a scoping review of offenders SE characteristics and tactics is conducted. In addition, two empirical investigations examining linguistic cues used by offender and offender victims are conducted. for that present day literature or governmental reports do not address. Together, these studies examine the influence of the situational context on offenders’ decision-making process, like their SE characteristics and tactics. The results and limitations associated with each study, along with recommendations for further research are discussed

Exploiting Large Language Models (LLMs) through Deception Techniques and Persuasion Principles

With the recent advent of Large Language Models (LLMs), such as ChatGPT from OpenAI, BARD from Google, Llama2 from Meta, and Claude from Anthropic AI, gain widespread use, ensuring their security and robustness is critical. The widespread use of these language models heavily relies on their reliability and proper usage of this fascinating technology. It is crucial to thoroughly test these models to not only ensure its quality but also possible misuses of such models by potential adversaries for illegal activities such as hacking. This paper presents a novel study focusing on exploitation of such large language models against deceptive interactions. More specifically, the paper leverages widespread and borrows well-known techniques in deception theory to investigate whether these models are susceptible to deceitful interactions. This research aims not only to highlight these risks but also to pave the way for robust countermeasures that enhance the security and integrity of language models in the face of sophisticated social engineering tactics. Through systematic experiments and analysis, we assess their performance in these critical security domains. Our results demonstrate a significant finding in that these large language models are susceptible to deception and social engineering attacks.Comment: 10 pages, 16 tables, 5 figures, IEEE BigData 2023 (Workshops

Facial Behavioral Analysis: A Case Study in Deception Detection

YesThe objective of every wind energy producer is to reduce operational costs associated to the production as a way to increase profits. One other issue that must be looked carefully is the equipment maintenance. Increase the availability of wind turbines by reducing the downtime associated to failures is a good strategy to achieve the main goal of increase profits. As a way to help in the definition of the best maintenance strategies, condition monitoring systems (CMS) have an important role to play. Informatics tools to make the condition monitoring of the wind turbines were developed and are now being installed as a way to help producers reducing the operational costs. There are a lot of developed systems to do the monitoring of a wind turbine or the whole wind park, in this paper will be made an overview of the most important systems

HOW RUSSIA DEFLECTS ACCUSATIONS OF CYBERATTACKS AND DISINFORMATION CAMPAIGNS: AN ANALYSIS OF THE RHETORICAL STRATEGIES OF RT

The government of the Russian Federation is using cyberattacks and information operations against other countries for geopolitical purposes1 . Despite being criticised by international communities, Russia deflects all accusations by justifying its behaviour. To better understand the strategic communication of Russia we analysed the ways in which the largest Russian state-funded international news portal RT.com portrays accusations of cyber- and disinformation attacks. According to our analysis, the articles in RT deflect blame from Russia primarily in four ways: (1) accusations are described as groundless and evidence non-existent; (2) accusers are portrayed as malignant and Russia as the victim; (3) accusers are portrayed as unreliable or ridiculous; and (4) the audience is distracted or made to question the accusations

Personalized Guidelines for Design, Implementation and Evaluation of Anti-phishing Interventions

Background: Current anti-phishing interventions, which typically involve one-size-fits-all solutions, suffer from limitations such as inadequate usability and poor implementation. Human-centric challenges in anti-phishing technologies remain little understood. Research shows a deficiency in the comprehension of end-user preferences, mental states, and cognitive requirements by developers and practitioners involved in the design, implementation, and evaluation of anti-phishing interventions. Aims: This study addresses the current lack of resources and guidelines for the design, implementation and evaluation of anti-phishing interventions, by presenting personalized guidelines to the developers and practitioners. Method: Through an analysis of 53 academic studies and 16 items of grey literature studies, we systematically identified the challenges and recommendations within the anti-phishing interventions, across different practitioner groups and intervention types. Results: We identified 22 dominant factors at the individual, technical, and organizational levels, that affected the effectiveness of anti-phishing interventions and, accordingly, reported 41 guidelines based on the suggestions and recommendations provided in the studies to improve the outcome of anti-phishing interventions. Conclusions: Our dominant factors can help developers and practitioners enhance their understanding of human-centric, technical and organizational issues in anti-phishing interventions. Our customized guidelines can empower developers and practitioners to counteract phishing attacks.Comment: This article is accepted for publication at the IEEE International Symposium on Empirical Software Engineering and Measurement (ESEM) 202