Abstract
Achieving a level of dynamic and adaptive autonomy in cyber defense is highly desirable to advance the capabilities of cyber defense to a whole new level of effectiveness. In such a futuristic cyber defense framework, human defenders, autonomy (Artificial Intelligence, AI), and cognitive models collaborate in a team to deploy the most effective defense strategies utilizing cyber deception. AI defenders have significantly larger capabilities than humans analysts, they can rapidly obtain activity throughout the network and predict potential vulnerabilities; cognitive models “clone” human memory (end users, attackers, and defenders) by tracing human actions and predict the next human decision. These capabilities are then transformed into explicit cyber defense strategies that the human defender can decide to deploy in the network. Such an ideal cyber defense framework is a vision of the future, and our current research program has achieved significant theoretical and empirical progress towards developing Human–AI teaming using cognitive models integrated into an Adaptive Cyber defense framework. In this chapter, we summarize our advances to the current generic and static techniques of cyber defense toward adaptive cyber defense using deception. We provide a high-level overview of the advances we have achieved by using a cognitive approach for modeling the attacker’s and end-user’s decisions; exploring various deception techniques; and performing empirical demonstrations of these deception techniques in tasks of increasing complexity and realism. We conclude with a discussion of the visionary framework of Human–AI Cognitive teaming for cyber defense, where we highlight the most important challenges ahead to achieve this vision.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Aggarwal, P., Gautam, A., Agarwal, V., Gonzalez, C., Dutt, V.: HackIT: a human-in-the-loop simulation tool for realistic cyber deception experiments. In: International Conference on Applied Human Factors and Ergonomics, pp. 109–121. Springer (2019)
Aggarwal, P., Thakoor, O., Mate, A., Tambe, M., Cranford, E.A., Lebiere, C., Gonzalez, C.: An exploratory study of a masking strategy of cyberdeception using cybervan. In: Proceedings of the Human Factors and Ergonomics Society Annual Meeting, vol. 64, pp. 446–450. SAGE Publications Sage CA, Los Angeles, CA (2020)
Aggarwal, P., Du, Y., Singh, K., Gonzalez, C.: Decoys in cybersecurity: An exploratory study to test the effectiveness of 2-sided deception. Preprint (2021a). arXiv:2108.11037
Aggarwal, P., Du, Y., Singh, K., Uttrani, S., Dutt, V., Gonzalez, C.: Effectiveness of deploying honeypots in different network topologies (2021b)
Aggarwal, P., Gutierrez, M., Kiekintveld, C.D., Bošanskỳ, B., Gonzalez, C.: Evaluating adaptive deception strategies for cyber defense with human adversaries. Game Theory and Machine Learning for Cyber Security, pp. 77–96 (2021c)
Aggarwal, P., Thakoor, O., Jabbari, S., Tambe, M., Cranford, E.A., Lebiere, C., Gonzalez, C.: Designing effective masking strategies for cyberdefense through human experimentation and cognitive models. Computers and Security (2021d)
Al-Shaer, E., Wei, J., Hamlen, K.W., Wang, C.: Honeypot deception tactics. In: Autonomous Cyber Deception, pp. 35–45. Springer (2019)
Almeshekah, M.H., Spafford, E.H.: Cyber security deception. In: Cyber Deception, pp. 23–50. Springer (2016)
Anderson, J.R., Lebiere, C.J.: The Atomic Components of Thought. Psychology Press (2014)
Buchler, N., Rajivan, P., Marusich, L.R., Lightner, L., Gonzalez, C.: Sociometrics and observational assessment of teaming and leadership in a cyber security defense competition. Comput. Secur. 73, 114–136 (2018)
Chadha, R., Bowen, T., Chiang, C.Y.J., Gottlieb, Y.M., Poylisher, A., Sapello, A., Serban, C., Sugrim, S., Walther, G., Marvel, L.M., et al.: Cybervan: A cyber security virtual assured network testbed. In: MILCOM 2016-2016 IEEE Military Communications Conference, pp. 1125–1130. IEEE (2016)
Cooney, S., Vayanos, P., Nguyen, T.H., Gonzalez, C., Lebiere, C., Cranford, E.A., Tambe, M.: Warning time: Optimizing strategic signaling for security against boundedly rational adversaries. In: Proceedings of the 18th International Conference on Autonomous Agents and MultiAgent Systems, pp. 1892–1894. International Foundation for Autonomous Agents and Multiagent Systems (2019)
Cooney, S., Wang, K., Bondi, E., Nguyen, T., Vayano, P., Winetrobe, H., Cranford, E.A., Gonzalez, C., Lebiere, C., Tambe, Milind: Learning to signal in the goldilocks zone: Improving adversary compliance in security games. In: Joint European Conference on Machine Learning and Knowledge Discovery in Databases. Springer (2019)
Cranford, E.A., Lebiere, C., Gonzalez, C., Cooney, S., Vayanos, P., Tambe, M.: Learning about cyber deception through simulations: Predictions of human decision making with deceptive signals in Stackelberg security games. In: CogSci (2018)
Cranford, E.A., Gonzalez, C., Aggarwal, P., Cooney, S., Tambe, M., Lebiere, C.: Towards personalized deceptive signaling for cyber defense using cognitive models. In: 17th Annual Meeting of the International Conference on Cognitive Modelling, Montreal, CA (2019)
Cranford, E.A., Lebiere, C., Rajivan, P., Aggarwal, P., Gonzalez, C.: Modeling cognitive dynamics in end-user response to phishing emails. In: 17th Annual Meeting of the International Conference on Cognitive Modelling, Montreal, CA (2019)
Cranford, E.A., Gonzalez, C., Aggarwal, P., Tambe, M., Lebiere, C.: What attackers know and what they have to lose: Framing effects on cyber-attacker decision making. In: Proceedings of the Human Factors and Ergonomics Society Annual Meeting, vol. 64, pp. 456–460. SAGE Publications Sage CA, Los Angeles, CA (2020)
Cranford, E.A., Lebiere, C., Aggarwal, P., Gonzalez, C., Tambe, M.: Adaptive cyber deception: Cognitively-informed signaling for cyber defense. In: Proceedings of the 53rd Hawaii International Conference on System Sciences (submitted). IEEE (2020)
Cranford, E.A., Gonzalez, C., Aggarwal, P., Tambe, M., Cooney, S., Lebiere, C.: Towards a cognitive theory of cyber deception. Cognitive Science 45(7), e13013 (2021)
Dutt, V., Ahn, Y.S., Gonzalez, C.: Cyber situation awareness: modeling detection of cyber attacks with instance-based learning theory. Human Factors 55(3), 605–618 (2013)
Gambetta, D.: Signaling, p. 168–194. Oxford University Press (2011). https://doi.org/10.1093/oxfordhb/9780199215362.013.8
Gonzalez, C., Dutt, V.: Instance-based learning: Integrating sampling and repeated decisions from experience. Psychological Review 118(4), 523 (2011)
Gonzalez, C., Lerch, J.F., Lebiere, C.: Instance-based learning in dynamic decision making. Cognitive Science 27(4), 591–635 (2003)
Gonzalez, C., Ben-Asher, N., Oltramari, A., Lebiere, C.: Cognition and technology. In: Cyber Defense and Situational Awareness, pp. 93–117. Springer (2014)
Gonzalez, C., Aggarwal, P., Lebiere, C., Cranford, E.: Design of dynamic and personalized deception: A research framework and new insights (2020)
Gutierrez, M., Cernỳ, J., Ben-Asher, N., Aharonov-Majar, E., Bosanskỳ, B., Kiekintveld, C., Gonzalez, C.: Evaluating models of human behavior in an adversarial multi-armed bandit problem. In: CogSci, pp. 394–400 (2019)
Lejarraga, T., Dutt, V., Gonzalez, C.: Instance-based learning: A general model of repeated binary choice. J. Behav. Decis. Mak. 25(2), 143–153 (2012)
Pawlick, J., Colbert, E., Zhu, Q.: A game-theoretic taxonomy and survey of defensive deception for cybersecurity and privacy. Preprint (2017). arXiv:1712.05441
Rajivan, P., Gonzalez, C.: Creative persuasion: A study on adversarial behaviors and strategies in phishing attacks. Front. Psychol. 9, 135 (2018)
Schlenker, A., Thakoor, O., Xu, H., Tambe, M., Vayanos, P., Fang, F., Tran-Thanh, L., Vorobeychik, Y.: Deceiving cyber adversaries: A game theoretic approach. In: International Conference on Autonomous Agents and Multiagent Systems (2018)
Singh, K., Aggarwal, P., Rajivan, P., Gonzalez, C.: Training to detect phishing emails: Effects of the frequency of experienced phishing emails. In: Proceedings of the Human Factors and Ergonomics Society Annual Meeting, vol. 63, pp. 453–457. SAGE Publications Sage CA, Los Angeles, CA (2019)
Singh, K., Aggarwal, P., Rajivan, P., Gonzalez, C.: What makes phishing emails hard for humans to detect? In: Proceedings of the Human Factors and Ergonomics Society Annual Meeting, vol. 64, pp. 431–435. SAGE Publications Sage CA, Los Angeles, CA (2020)
Somers, S., Oltramari, A., Lebiere, C.: Cognitive twin: A cognitive approach to personalized assistants (2020)
Thakoor, O., Jabbari, S., Aggarwal, P., Gonzalez, C., Tambe, M., Vayanos, P.: Exploiting bounded rationality in risk-based cyber camouflage games. In: International Conference on Decision and Game Theory for Security, pp. 103–124. Springer (2020)
Xu, H., Rabinovich, Z., Dughmi, S., Tambe, M.: Exploring information asymmetry in two-stage security games. In: Twenty-Ninth AAAI Conference on Artificial Intelligence (2015)
Acknowledgements
This research was sponsored by the Army Research Office and accomplished under grant number W911NF-17-1-0370 (MURI Cyberdeception). Some of the work discussed in this chapter was sponsored by the Combat Capabilities Development Command Army Research Laboratory and was accomplished under Cooperative Agreement Number W911NF-13-2-0045 (ARL Cyber Security CRA).
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2023 This is a U.S. government work and not under copyright protection in the U.S.; foreign copyright protection may apply
About this chapter
Cite this chapter
Gonzalez, C., Aggarwal, P., Cranford, E.A., Lebiere, C. (2023). Adaptive Cyberdefense with Deception: A Human–AI Cognitive Approach. In: Bao, T., Tambe, M., Wang, C. (eds) Cyber Deception. Advances in Information Security, vol 89. Springer, Cham. https://doi.org/10.1007/978-3-031-16613-6_3
Download citation
DOI: https://doi.org/10.1007/978-3-031-16613-6_3
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-16612-9
Online ISBN: 978-3-031-16613-6
eBook Packages: Computer ScienceComputer Science (R0)