PsybORG+: Modeling and Simulation for Detecting Cognitive Biases in Advanced Persistent Threats

Shuo Huang, Fred Jones, Nikolos Gurney, David Pynadath, Kunal Srivastava, Stoney Trent, Peggy Wu, Quanyan Zhu

TL;DR

APTs pose persistent, stealthy cybersecurity challenges, and attackers' cognitive biases can significantly influence their decision-making in ways that traditional defenses miss. The authors present PsybORG+, a multi-agent simulation framework where APTs are modeled as a Hidden Markov Model with a cognitive-bias vector $\theta$, enabling bias-driven behavior and synthetic data generation; they also implement both model-driven and data-driven bias inference pipelines. Their results show the classifier achieves at least 0.83 accuracy in predicting cognitive vulnerabilities, and Bayesian inference attains about 0.965 accuracy for bias state inference, with synthetic data exhibiting close alignment to real parameter distributions for loss aversion and confirmation bias (but less so for sunk cost fallacy). Overall, PsybORG+ provides a cyberpsychology benchmarking platform that supports bias-aware defense design and large-scale synthetic data generation, aiding researchers and practitioners in understanding and mitigating cognitive biases in APTs. These capabilities enable more realistic testing and benchmarking of defensive strategies against cognitively biased adversaries, advancing practical cyber defense and security research.

Abstract

Advanced Persistent Threats (APTs) bring significant challenges to cybersecurity due to their sophisticated and stealthy nature. Traditional cybersecurity measures fail to defend against APTs. Cognitive vulnerabilities can significantly influence attackers' decision-making processes, which presents an opportunity for defenders to exploit. This work introduces PsybORG$^+$, a multi-agent cybersecurity simulation environment designed to model APT behaviors influenced by cognitive vulnerabilities. A classification model is built for cognitive vulnerability inference and a simulator is designed for synthetic data generation. Results show that PsybORG$^+$ can effectively model APT attackers with different loss aversion and confirmation bias levels. The classification model has at least a 0.83 accuracy rate in predicting cognitive vulnerabilities.

Paper Structure (20 sections, 6 equations, 6 figures, 6 tables)

Figures (6)

  • Figure 1: Base rate neglect of an APT attacker. In the attacker's view (black rectangle), all high-value files have 'SWIFT' in their filenames. This attacker may hold a belief that 'SWIFT' implies high value. However, these files only account for a small portion of the high-value files. To exploit this cognitive bias, the defender can deploy decoy files containing 'SWIFT' in their filenames to attract the attacker.
  • Figure 2: Influence of sunk cost fallacy: The figure compares attack patterns of attackers with (blue) and without (orange) sunk cost fallacy across different targets. The attacker influenced by sunk cost fallacy shows a strong preference for target 7, investing significantly more attempts (about 15) compared to other targets. This behavior reflects the tendency to persist with a chosen path due to previous investment.
  • Figure 3: An APT Hidden Markov Model: Attackers can take actions (blue and green lines) to transition between different life cycle stages. Each dotted box represents an APT attack life cycle. The transition between biases (black lines) happens if and only if the attacker is exposed to a trigger.
  • Figure 4: State transition diagram of a red agent's life stage in PsybORG$^+$. An APT life stage starts when the IP of a host is known. Actions 1-7 are actions in CybORG, while actions 8-12 are newly added. The R stage is divided into 3 sub-stages: RD, RF, and RC, with overlapping action spaces. RD represents that the root shell is successfully built. RF indicates that some crackable files have been found on this host. RC means that at least one credential file has been validated.
  • Figure 5: Data-driven Decision Tree. $p(u_a)$ denotes the rate of taking aggressive service discovery. $p(u_c)$ represents the rate of doing credential file confirming. $f$ represents the maximum attempts of file cracking applied to the same file in the action sequence.
  • ...and 1 more figure