Adaptive Cyberdefense with Deception: A Human–AI Cognitive Approach

Cyber Deception

Part of the book series: Advances in Information Security ((ADIS,volume 89))

Abstract

Achieving a level of dynamic and adaptive autonomy in cyber defense is highly desirable to advance the capabilities of cyber defense to a whole new level of effectiveness. In such a futuristic cyber defense framework, human defenders, autonomy (Artificial Intelligence, AI), and cognitive models collaborate in a team to deploy the most effective defense strategies utilizing cyber deception. AI defenders have significantly larger capabilities than human analysts: they can rapidly obtain activity throughout the network and predict potential vulnerabilities. Cognitive models “clone” human memory (end users, attackers, and defenders) by tracing human actions and predicting the next human decision. These capabilities are then transformed into explicit cyber defense strategies that the human defender can decide to deploy in the network. Such an ideal cyber defense framework is a vision of the future, and our current research program has achieved significant theoretical and empirical progress towards developing Human–AI teaming using cognitive models integrated into an Adaptive Cyber defense framework. In this chapter, we summarize our advances to the current generic and static techniques of cyber defense toward adaptive cyber defense using deception. We provide a high-level overview of the advances we have achieved by using a cognitive approach for modeling the attacker’s and end-user’s decisions; exploring various deception techniques; and performing empirical demonstrations of these deception techniques in tasks of increasing complexity and realism. We conclude with a discussion of the visionary framework of Human–AI Cognitive teaming for cyber defense, where we highlight the most important challenges ahead to achieve this vision.


Acknowledgements

This research was sponsored by the Army Research Office and accomplished under grant number W911NF-17-1-0370 (MURI Cyberdeception). Some of the work discussed in this chapter was sponsored by the Combat Capabilities Development Command Army Research Laboratory and was accomplished under Cooperative Agreement Number W911NF-13-2-0045 (ARL Cyber Security CRA).

Corresponding author

Correspondence to Cleotilde Gonzalez.

Copyright information

© 2023 This is a U.S. government work and not under copyright protection in the U.S.; foreign copyright protection may apply

About this chapter

Cite this chapter

Gonzalez, C., Aggarwal, P., Cranford, E.A., Lebiere, C. (2023). Adaptive Cyberdefense with Deception: A Human–AI Cognitive Approach. In: Bao, T., Tambe, M., Wang, C. (eds) Cyber Deception. Advances in Information Security, vol 89. Springer, Cham. https://doi.org/10.1007/978-3-031-16613-6_3

  • DOI: https://doi.org/10.1007/978-3-031-16613-6_3

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-031-16612-9

  • Online ISBN: 978-3-031-16613-6

  • eBook Packages: Computer Science (R0)
