Cyber-Security: Role of Deception in Cyber-Attack Detection

  • Palvi Aggarwal
  • Cleotilde Gonzalez
  • Varun Dutt
Conference paper
Part of the Advances in Intelligent Systems and Computing book series (AISC, volume 501)


Cyber-attacks are increasing in the real-world and cause widespread damage to cyber-infrastructure and loss of information. Deception, i.e., actions to promote the beliefs of things that are not true, could be a way of countering cyber-attacks. In this paper, we propose a deception game, which we use to evaluate the decision making of a hacker in the presence of deception. In an experiment, using the deception game, we analyzed the effect of two between-subjects factors in Hacker’s decisions to attack a computer network (N = 100 participants): amount of deception used and the timing of deception. The amount of deception used was manipulated at 2-levels: low and high. The timing of deception use was manipulated at 2-levels: early and late. Results revealed that using late and high deception condition, proportion of not attack actions by hackers are higher. Our results suggest that deception acts as a deterrence strategy for hacker.


Deception Cyber-attacks IBL Security analyst Cyber defence 



We are very grateful to Indian Institute of Technology, Mandi and Department of Electronics and Information Technology, Ministry of Communication & IT, Government of India as a part of Visvesverya Ph.D. scheme for Electronics and IT for their support.


  1. 1.
  2. 2.
    Symantec Corporation. Internet security threat report Retrieved from (2014)
  3. 3.
    Whaley, B.: Toward a general theory of deception. J. Strateg. Stud. Frank Cass Lond. 5(1), 178–192 (1982)Google Scholar
  4. 4.
    Glantz, D.: Military Deception in the Second World War. Cass Series on Soviet Military Theory & Practice. Routledge, London. ISBN 978-0-714-63347-3 (1989)Google Scholar
  5. 5.
    Denning, D.: Information warfare and security. AddisonWesley, New York (1999)Google Scholar
  6. 6.
    Mitnick, K.D., Simon, W.L.: The art of deception: controlling the human element of security. Wiley, New York City (2011)Google Scholar
  7. 7.
    Rowe, N.C., Custy, E.J.: Deception in cyber attacks. In Janczewski L.J., Colarik A.M. (Eds.), Cyber Warfare and Cyber Terrorism, Hershey, PA, Inf. Sci. Ref. pp. 91–93 (2008)Google Scholar
  8. 8.
    Dutt, V., Ahn, Y.S., Gonzalez, C.: Cyber situation awareness modeling detection of cyber-attacks with instance-based learning theory. Hum. Factors J. Hum. Factors Ergon. Soc. 55(3), 605–618 (2013)CrossRefGoogle Scholar
  9. 9.
    Arora, A., Dutt, V.: Cyber security: evaluating the effects of attack strategy and base rate through instance based learning. In: 12th International Conference on Cognitive Modeling. Ottawa, Canada (2013)Google Scholar
  10. 10.
    Kaur, A., Dutt, V.: Cyber situation awareness: modeling the effects of similarity and scenarios on cyber attack detection. Paper presented at the 12th International Conference on Cognitive Modeling. Ottawa, Canada (2013)Google Scholar
  11. 11.
    Gonzalez, C., Dutt, V.: Instance-based learning: integrating sampling and repeated decisions from experience. Psychol. Rev. 118(4), 523 (2011)CrossRefGoogle Scholar
  12. 12.
    Roy, S., Ellis, C., Shiva, S., Dasgupta, D., Shandilya, V., Wu, Q.: A survey of game theory as applied to network security. In: 2010 43rd Hawaii International Conference on System Sciences (HICSS), (pp. 1-10). IEEE (2010)Google Scholar
  13. 13.
    Camerer, C.: Behavioral game theory: experiments in strategic interaction. Princeton University Press, Princeton (2003)Google Scholar
  14. 14.
    Alpcan, T., Başar, T.: Network security: a decision and game-theoretic approach. Cambridge University Press, Cambridge (2010)Google Scholar
  15. 15.
    Crouse, M.: Performance Analysis of Cyber Deception Using Probabilistic Models (2012)Google Scholar
  16. 16.
    Garg, N., Daniel, G.: Deception in honeynets: a game-theoretic analysis. Information Assurance and Security Workshop. IAW’07. IEEE SMC. IEEE, 2007Google Scholar
  17. 17.
    Dutt, V., Gonzalez, C.: Making instance-based learning theory usable and understandable: the instance-based learning tool. Comput. Hum. Behav. 28(4), 1227–1240 (2012). doi: 10.1016/j.chb.2012.02.006 CrossRefGoogle Scholar
  18. 18.
    Gonzalez, C., Lerch, J.F., Lebiere, C.: Instance-based learning in dynamic decision making. Cogn. Sci. 27(4), 591–635 (2003). doi: 10.1016/S0364-0213(03)00031-4 CrossRefGoogle Scholar
  19. 19.
    Kahneman, D., Tversky, A.: Prospect theory: an analysis of decision under risk. Econometrica 263–291, (1979)Google Scholar
  20. 20.
    Tversky, A., Kahneman, D.: Advances in prospect theory: cumulative representation of uncertainty. J Risk Uncertainty 5(4), 297–323 (1992)CrossRefzbMATHGoogle Scholar
  21. 21.
    Nevo, I., Ido, E.: On surprise, change, and the effect of recent outcomes. Frontiers in psychology 3 (2012)Google Scholar
  22. 22.
    George, L.: Cyber-physical attacks. Retrieved from (2015)
  23. 23.
    Dutt, V., Ahn, Y.S., Gonzalez, C.: Cyber situation awareness modeling detection of cyber-attacks with instance-based learning theory. Hum. Factors J. Hum. Factors Ergon. Soc. 55(3), 605–618 (2013)CrossRefGoogle Scholar

Copyright information

© Springer International Publishing Switzerland 2016

Authors and Affiliations

  • Palvi Aggarwal
    • 1
  • Cleotilde Gonzalez
    • 2
  • Varun Dutt
    • 1
  1. 1.Applied Cognitive Science LaboratoryIndian Institute of TechnologyMandiIndia
  2. 2.Dynamic Decision Making LaboratoryCarnegie Mellon UniversityPittsburghUSA

Personalised recommendations