We gratefully acknowledge support from
the Simons Foundation and member institutions.
Full-text links:

Download:

Current browse context:

cs.CR

Change to browse by:

References & Citations

DBLP - CS Bibliography

Bookmark

(what is this?)
CiteULike logo BibSonomy logo Mendeley logo del.icio.us logo Digg logo Reddit logo ScienceWISE logo

Computer Science > Cryptography and Security

Title: Asymptotic Security using Bayesian Defense Mechanism with Application to Cyber Deception

Abstract: This paper addresses the question whether model knowledge can guide a defender to appropriate decisions, or not, when an attacker intrudes into control systems. The model-based defense scheme considered in this study, namely Bayesian defense mechanism, chooses reasonable reactions through observation of the system's behavior using models of the system's stochastic dynamics, the vulnerability to be exploited, and the attacker's objective. On the other hand, rational attackers take deceptive strategies for misleading the defender into making inappropriate decisions. In this paper, their dynamic decision making is formulated as a stochastic signaling game. It is shown that the belief of the true scenario has a limit in a stochastic sense at an equilibrium based on martingale analysis. This fact implies that there are only two possible cases: the defender asymptotically detects the attack with a firm belief, or the attacker takes actions such that the system's behavior becomes nominal after a finite time step. Consequently, if different scenarios result in different stochastic behaviors, the Bayesian defense mechanism guarantees the system to be secure in an asymptotic manner provided that effective countermeasures are implemented. As an application of the finding, a defensive deception utilizing asymmetric recognition of vulnerabilities exploited by the attacker is analyzed. It is shown that the attacker possibly stops the attack even if the defender is unaware of the exploited vulnerabilities as long as the defender's unawareness is concealed by the defensive deception.
Comments: 16 pages
Subjects: Cryptography and Security (cs.CR); Computer Science and Game Theory (cs.GT); Systems and Control (eess.SY)
Cite as: arXiv:2201.02351 [cs.CR]
  (or arXiv:2201.02351v2 [cs.CR] for this version)

Submission history

From: Hampei Sasahara [view email]
[v1] Fri, 7 Jan 2022 07:22:00 GMT (1574kb,D)
[v2] Tue, 8 Feb 2022 09:33:12 GMT (1578kb,D)

Link back to: arXiv, form interface, contact.