1,016 research outputs found

    Deception in Game Theory: A Survey and Multiobjective Model

    Game theory is the study of mathematical models of conflict. It provides tools for analyzing dynamic interactions between multiple agents and (in some cases) across multiple interactions. This thesis contains two scholarly articles. The first article is a survey of game-theoretic models of deception. The survey describes the ways researchers use game theory to measure the practicality of deception, model the mechanisms for performing deception, analyze the outcomes of deception, and respond to, or mitigate the effects of deception. The survey highlights several gaps in the literature. One important gap concerns the benefit-cost-risk trade-off made during deception planning. To address this research gap, the second article introduces a novel approach for modeling these trade-offs. The approach uses a game theoretic model of deception to define a new multiobjective optimization problem called the deception design problem (DDP). Solutions to the DDP provide courses of deceptive action that are efficient in terms of their benefit, cost, and risk to the deceiver. A case study based on the output of an air-to-air combat simulator demonstrates the DDP in a 7 x 7 normal form game. This approach is the first to evaluate benefit, cost, and risk in a single game theoretic model of deception

    A Comprehensive Insight into Game Theory in relevance to Cyber Security

    The progressively ubiquitous connectivity in the present information systems poses newer challenges to security. The conventional security mechanisms have come a long way in securing the well-defined objectives of confidentiality, integrity, authenticity and availability. Nevertheless, with the growth in the system complexities and attack sophistication, providing security via traditional means can be unaffordable. A novel theoretical perspective and an innovative approach are thus required for understanding security from decision-making and strategic viewpoint. One of the analytical tools which may assist the researchers in designing security protocols for computer networks is game theory. The game-theoretic concept finds extensive applications in security at different levels, including the cyberspace and is generally categorized under security games. It can be utilized as a robust mathematical tool for modelling and analyzing contemporary security issues. Game theory offers a natural framework for capturing the defensive as well as adversarial interactions between the defenders and the attackers. Furthermore, defenders can attain a deep understanding of the potential attack threats and the strategies of attackers by equilibrium evaluation of the security games. In this paper, the concept of game theory has been presented, followed by game-theoretic applications in cybersecurity including cryptography. Different types of games, particularly those focused on securing the cyberspace, have been analysed and varied game-theoretic methodologies including mechanism design theories have been outlined for offering a modern foundation of the science of cybersecurity

    Strategic Learning for Active, Adaptive, and Autonomous Cyber Defense

    The increasing instances of advanced attacks call for a new defense paradigm that is active, autonomous, and adaptive, named as the '3A' defense paradigm. This chapter introduces three defense schemes that actively interact with attackers to increase the attack cost and gather threat information, i.e., defensive deception for detection and counter-deception, feedback-driven Moving Target Defense (MTD), and adaptive honeypot engagement. Due to the cyber deception, external noise, and the absent knowledge of the other players' behaviors and goals, these schemes possess three progressive levels of information restrictions, i.e., from the parameter uncertainty, the payoff uncertainty, to the environmental uncertainty. To estimate the unknown and reduce uncertainty, we adopt three different strategic learning schemes that fit the associated information restrictions. All three learning schemes share the same feedback structure of sensation, estimation, and actions so that the most rewarding policies get reinforced and converge to the optimal ones in autonomous and adaptive fashions. This work aims to shed light on proactive defense strategies, lay a solid foundation for strategic learning under incomplete information, and quantify the tradeoff between the security and costs. Comment: arXiv admin note: text overlap with arXiv:1906.1218

    A Temporal Framework for Hypergame Analysis of Cyber Physical Systems in Contested Environments

    Game theory is used to model conflicts between one or more players over resources. It offers players a way to reason, allowing rationale for selecting strategies that avoid the worst outcome. Game theory lacks the ability to incorporate advantages one player may have over another player. A meta-game, known as a hypergame, occurs when one player does not know or fully understand all the strategies of a game. Hypergame theory builds upon the utility of game theory by allowing a player to outmaneuver an opponent, thus obtaining a more preferred outcome with higher utility. Recent work in hypergame theory has focused on normal form static games that lack the ability to encode several realistic strategies. One example of this is when a player’s available actions in the future are dependent on his selection in the past. This work presents a temporal framework for hypergame models. This framework is the first application of temporal logic to hypergames and provides a more flexible modeling for domain experts. With this new framework for hypergames, the concepts of trust, distrust, mistrust, and deception are formalized. While past literature references deception in hypergame research, this work is the first to formalize the definition for hypergames. As a demonstration of the new temporal framework for hypergames, it is applied to classical game theoretical examples, as well as a complex supervisory control and data acquisition (SCADA) network temporal hypergame. The SCADA network is an example that includes actions that have a temporal dependency, where a choice in the first round affects what decisions can be made in the later round of the game. The demonstration results show that the framework is a realistic and flexible modeling method for a variety of applications

    Anti-war and the cyber triangle : strategic implications of cyber operations and cyber security for the state

    [From the introduction:] The main driver for this choice of research was the growing influence of Internet-related issues in contemporary politics in various fields. 2009 saw an intensification of this link between information and communication technologies and international relations, particularly in the field of intelligence and military, with the revelation of notorious cyber operations such as AURORA, Ghostnet and Night Dragon (see chapter II). While those events started to attract the broader attention of academics, it was not until the discovery of the Stuxnet malware in 2010 (see chapter IV) that the issue gained momentum in other fields as well. A computer malware targeting a nuclear enrichment facility in a foreign country amidst a latent conflict certainly raised a lot of questions that demanded answers. Its sophisticated design and potential implications for international relations as well as strategic studies was one of the main inspirations for this research. While the emergence of literature on espionage and sabotage in conjunction with the Internet can be traced back to the 1990's, Kello recognises that even in 2013 it remains a weakly developed area, stating that '[t]he range of conceivable cyber conflict is poorly understood by scholars and decision-makers, and it is unclear how conventional security mechanisms, such as deterrence and collective defence apply to this phenomenon' (Kello, 2013: 7). Thus, the aim of this research is to contribute to the literature in this way '[…] in addition to elucidating empirical cyber events, scholars can guide the design of policies to affect them' (Kello, 2013: 38-39). Undertaking research in a field which is state-of-the-art and therefore, highly volatile, presents a particular academic challenge. It does also however enable a researcher to make a potentially crucial contribution, a dent, in the current debate. 
In areas of research in which a vacuum exists, it is imperative for scholars to contribute to filling up that academic lacuna. The main outcome therefore is supposed to be a contribution to the academic debate on the strategic relevance and conduct of cyber operations and the state’s response to it. The intellectual tools developed as part of this research may be of future use for policy-makers. The underlying question for the research is: What are the strategic implications of cyber operations for the state? The Economist recently saw 'intensifying cyber threats' as one of the top challenges for 2014 (The Economist, 2014). The revelations of the past years, starting with Stuxnet, Operation AURORA, APT-1, Red October and activities derived from the NSA Documents revealed by whistleblower Edward Snowden indicate that this threat will not abate soon. More and more states are readying themselves for future conflicts by developing defensive as well as offensive cyber operations capabilities (Lewis, 2013b: 9-55). The latest domain for conflict resolution is currently being explored and exploited too by a growing number of different stakeholders. Based on the increased number of stakeholders and the intensity and number of occurrences of said events (see section 3.5 and appendix), its contemporary relevance is high and has been increasing for several years and looks set to continue. Guiding principles in the field of strategy are an important part of this development. Though the debate on strategic implications of cyber operations started in the early 1990's, and promoted under the auspices of the RAND Corporation, '[i]ntellectually, we are in a position not unlike that faced 65 years ago as we began to develop our thinking about nuclear weapons' (Kramer, 2012: I). Nye agrees, stating that 'in comparison to the nuclear revolution in military affairs, strategic studies of the cyber domain are chronologically equivalent to 1960 but conceptually more equivalent to 1950. 
Analysts are still not clear about the lessons of offense, defense, deterrence, escalation, norms, arms control, or how they fit together into a national strategy' (Nye, 2011: 19). Thus, an intensive academic analysis of this field is pivotal, especially within the framework of strategic studies, in order to enable strategic adaptation and decision-making (Kello, 2013: 14). The timeliness of events, paired with the lack of a properly developed strategic framework, signify the increased contemporary relevance for research of the strategic implications of cyber operations for the state. Definitions are very important in political science, and only more so for research in the field of cyber operations. In the absence of commonly agreed upon definitions for cyber operations, and a multitude of other terms such as cyber warfare, digital warfare, information warfare, electronic warfare (see sub-sections 3.1 and 3.2 as well as section 4) which are at once related and disparate, mean that clarity in definitions is centrally important. While definitions might normally differ slightly, all elements included in the definition of cyber operations might vary. This includes the stakeholders (and their representation as entity in the cyber domain), the means to conduct cyber operations, the platform where it is conducted (for example all digital devices, Internet only, electromagnetic spectrum) and the operations through which it is conducted (for example, if cyber espionage is included or not). Therefore, the coherent and comprehensive definition is of vital importance for the understanding of the research and more so for its outcomes. The terminology of this research applies for the state in the cyber domain, cyber operations and cyber strategy. 
Thus, the three key definitions which are developed in this research can be found below. The state and its representation in the cyber domain is defined in chapter I: The state’s representation of the cyber domain is the Critical National Information Infrastructure (CNII). The CNII is composed of a particular part of the information infrastructure which is vital to the function of the state according to the state-teachings of Jellinek: territory, people and legitimate use of violence. The definition of cyber operations as developed in chapter II: A cyber operation is the targeted use and hack of digital code by any individual, group, organization or state using digital networks, systems and connected devices, which is directed against CNII in order to steal, alter, destroy information or disrupt and deny functionality with the ultimate aim to weaken and/or harm a targeted political unit. Subsequently, the definition of a cyber strategy in chapter IV: The development and employment of cyber operations, potentially integrated and coordinated with other operational domains and forms of information operations, to achieve or support the achievement of political objectives

    On Proportionate and Truthful International Alliance Contributions: An Analysis of Incentive Compatible Cost Sharing Mechanisms to Burden Sharing

    Burden sharing within an international alliance is a contentious topic, especially in the current geopolitical environment, that in practice is generally imposed by a central authority's perception of its members' abilities to contribute. Instead, we propose a cost sharing mechanism such that burden shares are allocated to nations based on their honest declarations of the alliance's worth. Specifically, we develop a set of multiobjective nonlinear optimization problem formulations that respectively impose Bayesian Incentive Compatible (BIC), Strategyproof (SP), and Group Strategyproof (GSP) mechanisms based on probabilistic inspection efforts and deception penalties that are budget balanced and in the core. Any feasible solution to these problems corresponds to a single stage Bayesian stochastic game wherein a collectively honest declaration is a Bayes-Nash equilibrium, a Nash Equilibrium in dominant strategies, or a collusion resistant Nash equilibrium, respectively, but the optimal solution considers the alliance's central authority preferences. Each formulation is shown to be a nonconvex optimization problem. The solution quality and computational effort required for three heuristic algorithms as well as the BARON global solver are analyzed to determine the superlative solution methodology for each problem. The Pareto fronts associated with each multiobjective optimization problem are examined to determine the tradeoff between inspection frequency and penalty severity required to obtain truthfulness under stronger assumptions. Memory limitations are examined to ascertain the size of alliances for which the proposed methodology can be utilized. Finally, a full block design experiment considering the clustering of available alliance valuations and the member nations' probability distributions therein is executed on an intermediate-sized alliance motivated by the South American alliance UNASUR