Logo
ScienceStack
Table of Contents
Fetching ...
Sign In

Assessing the Influence of Different Types of Probing on Adversarial Decision-Making in a Deception Game

Md Abu Sayed, Mohammad Ariful Islam Khan, Bryant A Allsup, Joshua Zamora, Palvi Aggarwal

TL;DR

This study investigates how probing costs influence adversarial decisions in a deception game with honeypots, using an IBLT-based cognitive framework and delayed feedback. It evaluates three cost schemes ($No\ Cost$, $Set\ Cost$, $Incremental\ Cost$) across $30$ rounds, comparing model results with human data from prior work. The main finding is that probing costs do not meaningfully change the proportion of attacks, though they modestly affect probing behavior; overall attack decisions remain stable. The work supports deception as a practical defense in cybersecurity and demonstrates the utility of IBLT-based modeling for understanding sequential adversarial behavior in deception environments.

Abstract

Deception, which includes leading cyber-attackers astray with false information, has shown to be an effective method of thwarting cyber-attacks. There has been little investigation of the effect of probing action costs on adversarial decision-making, despite earlier studies on deception in cybersecurity focusing primarily on variables like network size and the percentage of honeypots utilized in games. Understanding human decision-making when prompted with choices of various costs is essential in many areas such as in cyber security. In this paper, we will use a deception game (DG) to examine different costs of probing on adversarial decisions. To achieve this we utilized an IBLT model and a delayed feedback mechanism to mimic knowledge of human actions. Our results were taken from an even split of deception and no deception to compare each influence. It was concluded that probing was slightly taken less as the cost of probing increased. The proportion of attacks stayed relatively the same as the cost of probing increased. Although a constant cost led to a slight decrease in attacks. Overall, our results concluded that the different probing costs do not have an impact on the proportion of attacks whereas it had a slightly noticeable impact on the proportion of probing.

Assessing the Influence of Different Types of Probing on Adversarial Decision-Making in a Deception Game

TL;DR

This study investigates how probing costs influence adversarial decisions in a deception game with honeypots, using an IBLT-based cognitive framework and delayed feedback. It evaluates three cost schemes (, , ) across rounds, comparing model results with human data from prior work. The main finding is that probing costs do not meaningfully change the proportion of attacks, though they modestly affect probing behavior; overall attack decisions remain stable. The work supports deception as a practical defense in cybersecurity and demonstrates the utility of IBLT-based modeling for understanding sequential adversarial behavior in deception environments.

Abstract

Deception, which includes leading cyber-attackers astray with false information, has shown to be an effective method of thwarting cyber-attacks. There has been little investigation of the effect of probing action costs on adversarial decision-making, despite earlier studies on deception in cybersecurity focusing primarily on variables like network size and the percentage of honeypots utilized in games. Understanding human decision-making when prompted with choices of various costs is essential in many areas such as in cyber security. In this paper, we will use a deception game (DG) to examine different costs of probing on adversarial decisions. To achieve this we utilized an IBLT model and a delayed feedback mechanism to mimic knowledge of human actions. Our results were taken from an even split of deception and no deception to compare each influence. It was concluded that probing was slightly taken less as the cost of probing increased. The proportion of attacks stayed relatively the same as the cost of probing increased. Although a constant cost led to a slight decrease in attacks. Overall, our results concluded that the different probing costs do not have an impact on the proportion of attacks whereas it had a slightly noticeable impact on the proportion of probing.
Paper Structure (11 sections, 10 figures, 2 tables)

This paper contains 11 sections, 10 figures, 2 tables.

Table of Contents

  1. Introduction
  2. Task Description
  3. Methodology
  4. Experimental Design
  5. Deception Game
  6. Results
  7. Influence of different cost conditions over the trials on adversarial decisions during probe stage
  8. Influence of different cost conditions over the trials on adversarial decisions during attack stage
  9. Analysis of human data
  10. Compare with previous work
  11. Conclusion

Figures (10)

  • Figure 1: Probe stage of Deception Game in increasing cost condition katakwar2022influence.
  • Figure 2: Response received form system at probe stage katakwar2022influence.
  • Figure 3: Attack stage katakwar2022influence.
  • Figure 4: Complete result of the round for increasing cost katakwar2022influence.
  • Figure 5: Impact different probing-cost at probe stage.
  • ...and 5 more figures