Towards a Cognitive Theory of Cyber Deception.
ACT-R
Cognitive model
Cybersecurity
Deception
Decision making
Instance-based learning theory
Signaling
Stackelberg security game
Journal
Cognitive science
ISSN: 1551-6709
Titre abrégé: Cogn Sci
Pays: United States
ID NLM: 7708195
Informations de publication
Date de publication:
07 2021
07 2021
Historique:
revised:
28
02
2021
received:
25
06
2020
accepted:
07
06
2021
entrez:
2
7
2021
pubmed:
3
7
2021
medline:
5
10
2021
Statut:
ppublish
Résumé
This work is an initial step toward developing a cognitive theory of cyber deception. While widely studied, the psychology of deception has largely focused on physical cues of deception. Given that present-day communication among humans is largely electronic, we focus on the cyber domain where physical cues are unavailable and for which there is less psychological research. To improve cyber defense, researchers have used signaling theory to extended algorithms developed for the optimal allocation of limited defense resources by using deceptive signals to trick the human mind. However, the algorithms are designed to protect against adversaries that make perfectly rational decisions. In behavioral experiments using an abstract cybersecurity game (i.e., Insider Attack Game), we examined human decision-making when paired against the defense algorithm. We developed an instance-based learning (IBL) model of an attacker using the Adaptive Control of Thought-Rational (ACT-R) cognitive architecture to investigate how humans make decisions under deception in cyber-attack scenarios. Our results show that the defense algorithm is more effective at reducing the probability of attack and protecting assets when using deceptive signaling, compared to no signaling, but is less effective than predicted against a perfectly rational adversary. Also, the IBL model replicates human attack decisions accurately. The IBL model shows how human decisions arise from experience, and how memory retrieval dynamics can give rise to cognitive biases, such as confirmation bias. The implications of these findings are discussed in the perspective of informing theories of deception and designing more effective signaling schemes that consider human bounded rationality.
Types de publication
Journal Article
Research Support, U.S. Gov't, Non-P.H.S.
Langues
eng
Sous-ensembles de citation
IM
Pagination
e13013Informations de copyright
© 2021 Cognitive Science Society LLC.
Références
Abbasi, Y. D., Ben-Asher, N., Gonzalez, C., Kar, D., Morrison, D., Sintov, N., & Tambe, M. (2016). Know your adversary: Insights for a better adversarial behavioral model. In A. Papafragou, Daniel J. Grodner, D. Mirman & J. Trueswell (Eds.), Proceeding of the 38th annual conference of cognitive science society (pp. 1391-1396). Austin, TX: Cognitive Science Society.
Aggarwal, P., Gonzalez, C., & Dutt, V. (2016). Cyber-security: Role of deception in cyber-attack detection. In D. Nicholson (Ed.), Advances in human factors in cybersecurity (Vol. 501, pp. 85-96). Cham: Springer. https://doi.org/10.1007/978-3-319-41932-9_8
Aggarwal, P., Thakoor, O., Mate, A., Tambe, M., Cranford, E. A., Lebiere, C., & Gonzalez, C. (2020). An exploratory study of a masking strategy of cyberdeception using CyberVAN. Proceedings of the Human Factors and Ergonomics Society Annual Meeting, 64(1), 446-450. https://doi.org/10.1177/1071181320641100
Almeshekah, M. H., & Spafford, E. H. (2016). Cyber security deception. In S. Jajodia, V. Subrahmanian, V. Swarup & C. Wang (Eds.), Cyber deception (pp. 25-52). Cham: Springer. https://doi.org/10.1007/978-3-319-32699-3_2
Al-Shaer, E., Wei, J., Hamlen, K. W., & Wang, C. (Eds.). (2019). Autonomous cyber deception: Reasoning, adaptive planning, and evaluation of honey things. Cham: Springer. https://doi.org/10.1007/978-3-030-02110-8
Anderson, J. R. (1991). Is human cognition adaptive? Behavioral and Brain Sciences, 14(3), 471-517. https://doi.org/10.1017/S0140525X00070801
Anderson, J. R., & Lebiere, C. (1998). The atomic components of thought. Mahwah, NJ: Erlbaum. https://doi.org/10.4324/9781315805696
Anderson, J. R., Bothell, D., Byrne, M. D., Douglass, S., Lebiere, C., & Qin, Y. (2004). An integrated theory of the mind. Psychological Review, 111(4), 1036-1060. https://doi.org/10.1037/0033-295X.111.4.1036
Battigalli, P. (2006). Rationalization in signaling games: Theory and applications. International Game Theory Review, 8(01), 67-93. https://doi.org/10.2139/ssrn.635244
Bond, C. F. Jr. & DePaulo, B. M. (2008). Individual differences in judging deception: Accuracy and bias. Psychological Bulletin, 134(4), 477-492. https://doi.org/10.1037/0033-2909.134.4.477
Cho, I. -K., & Kreps, D. M. (1987). Signaling games and stable equilibria. The Quarterly Journal of Economics, 102(2), 179-221. https://doi.org/10.2307/1885060
Cooney, S., Wang, K., Bondi, E., Nguyen, T., Vayanos, P., Winetrobe, H., Cranford, E. A., Gonzalez, C., Lebiere, C. & Tambe, M. (2019). Learning to signal in the Goldilocks Zone: Improving adversary compliance in security games. In Brefeld U., Fromont E., Hotho A., Knobbe A., Maathuis M., Robardet C. (Eds.), Machine learning and knowledge discovery in databases (pp. 725-740). Cham: Springer. https://doi.org/10.1007/978-3-030-46150-8_42
Cranford, E. A., Gonzalez, C., Aggarwal, P., Cooney, S., Tambe, M., & Lebiere, C. (2020a). Toward personalized deceptive signaling for cyber defense using cognitive models. Topics in Cognitive Science, 12(3), 992-1011. https://doi.org/10.1111/tops.12513
Cranford, E. A., Gonzalez, C., Aggarwal, P., Cooney, S., Tambe, M., & Lebiere, C. (2020b). Adaptive cyber deception: Cognitively informed signaling for cyber defense. In Proceedings of the 53rd Hawaii International Conference on System Sciences, Maui, HI, USA (pp. 1885-1894). https://doi.org/10.24251/HICSS.2020.232
Cranford, E. A., Lebiere, C., Gonzalez, C., Cooney, S., Vayanos, P., & Tambe, M. (2018). Learning about cyber deception through simulations: Predictions of human decision making with deceptive signals in Stackelberg Security Games. Proceedings of the 40th Annual Conference of the Cognitive Science Society, Madison, WI, USA (pp. 258-263).
Cranford, E. A., Somers, S., Mitsopoulos, K., & Lebiere, C. (2020). Cognitive salience of features in cyber-attacker decision making. In T. C. Stewart (Ed.), Proceedings of the 18th annual meeting of the international conference on cognitive modeling. University Park, PA: Applied Cognitive Science Lab, Penn State.
Ekroll, V., & Wagemans, J. (2016). Conjuring deceptions: Fooling the eye or fooling the mind? Trends in Cognitive Sciences, 20(7), 486-489. https://doi.org/10.1016/j.tics.2016.04.006
Eliason, C. M. (2018). How do complex animal signals evolve? PLoS Biology, 16(12), e3000093. https://doi.org/10.1371/journal.pbio.3000093
Gonzalez, C. (2013). The boundaries of instance-based learning theory for explaining decisions from experience. Progress in Brain Research, 202, 73-98. https://doi.org/10.1016/B978-0-444-62604-2.00005-8
Gonzalez, C., Aggarwal, P., Cranford, E. A., & Lebiere, C. (2020). Design of dynamic and personalized deception: A research framework and new insights. Proceedings of the 53rd Hawaii International Conference on System Sciences, Maui, HI, USA (pp. 1825-1834). https://doi.org/10.24251/HICSS.2020.226
Gonzalez, C., Ben-Asher, N., Martin, J. M., & Dutt, V. (2015). A cognitive model of dynamic cooperation with varied inter-dependency information. Cognitive Science, 39(3), 457-495. https://doi.org/10.1111/cogs.12170
Gonzalez, C., & Dutt, V. (2011). Instance-based learning: Integrating decisions from experience in sampling and repeated choice paradigms. Psychological Review, 118(4), 523-551. https://doi.org/10.1037/a0024558
Gonzalez, C., & Lebiere, C. (2005). Instance-based cognitive models of decision making. In D. Zizzo & A. Courakis (Eds.), Transfer of knowledge in economic decision-making. New York: Macmillan (Palgrave Macmillan.
Gonzalez, C., Lerch, J. F., & Lebiere, C. (2003). Instance based learning in dynamic decision making. Cognitive Science, 27(4), 591-635. https://doi.org/10.1007/978-3-319-11391-3_6
Hertwig, R. (2015). Decisions from experience. In G. Keren & G. Wu (Eds.), Blackwell handbook of judgment and decision making (pp. 239-267). Chichester: Wiley-Blackwell. https://doi.org/10.1002/9781118468333.ch8
Hyman, R. (1989). The psychology of deception. Annual Review of Psychology, 40, 133-154. https://doi.org/10.1146/annurev.ps.40.020189.001025
Jenkins, A., Zhu, L., & Hsu, M. (2016). Cognitive neuroscience of honesty and deception: A signaling framework. Current Opinion in Behavioral Sciences, 11, 130-137. https://doi.org/10.1016/j.cobeha.2016.09.005
Juvina, I., Saleem, M., Martin, J. M., Gonzalez, C., & Lebiere, C. (2013). Reciprocal trust mediates deep transfer of learning between games of strategic interaction. Organizational Behavior and Human Decision Processes, 120(2), 206-215. https://doi.org/10.1016/j.obhdp.2012.09.004
Lebiere, C. (1999). A blending process for aggregate retrievals. Proceedings of the 6th ACT-R Workshop, George Mason University, Fairfax, VA
Lebiere, C., Gonzalez, C., & Martin, M. (2007). Instance-based decision making model of repeated binary choice. Proceedings of the Eighth International Conference on Cognitive Modeling, Ann Harbor, MI, USA (pp. 67-72). https://doi.org/10.1184/R1/6571190.v1
Lebiere, C., Pirolli, P., Thomson, R., Paik, J., Rutledge-Taylor, M., Staszewski, J., & Anderson, J. R. (2013). A Functional model of sensemaking in a neurocognitive architecture. Computational Intelligence and Neuroscience, 2013, 921695. http://doi.org/10.1155/2013/921695
Lebiere, C., Wallach, D., & West, R. L. (2000). A memory-based account of the prisoner's dilemma and other 2x2 games. Proceedings of International Conference on Cognitive Modeling, Groningen, the Netherlands (pp. 185-193).
Martin, M., Lebiere, C., Fields, M. A., & Lennon, C. (2018). Learning features while learning to classify: A cognitive model for autonomous systems. Computational and Mathematical Organization Theory, 26, 23-54. https://doi.org/10.1007/s10588-018-9279-3
Moisan, F., & Gonzalez, C. (2017). Security under uncertainty: Adaptive attackers are more challenging to human defenders than random attackers. Frontiers in Psychology, 8, 982. https://doi.org/10.3389/fpsyg.2017.00982
Mokkonen, M., & Lindstedt, C. (2016). The evolutionary ecology of deception. Biological Reviews, 91(4), 1020-1035. https://doi.org/10.1111/brv.12208
Morgan, C. J., LeSage, J. B., & Kosslyn, S. M. (2009). Types of deception revealed by individual differences in cognitive abilities. Social Neuroscience, 4(6), 554-569. https://doi.org/10.1080/17470910802299987
Morgulev, E., Azar, O. H., Lidor, R., Sabag, E., & Bar-Eli, M. (2014). Deception and decision making in professional basketball: Is it beneficial to flop? Journal of Economic Behavior & Organization, 102, 108-118. https://doi.org/10.1016/j.jebo.2014.03.022
Newell, A. (1990). Unified theories of cognition. Cambridge, MA: Harvard University Press.
Pawlick, J., Colbert, E., & Zhu, Q. (2019). A game-theoretic taxonomy and survey of defensive deception for cybersecurity and privacy. ACM Computing Surveys, 52(4), 1-28. https://doi.org/10.1145/3337772
Pita, J., Jain, M., Ordónez, F., Portway, C., Tambe, M., Western, C., & Kraus, S. (2008). ARMOR security for Los Angeles International Airport. Proceeding of the Twenty-Third AAAI Conference on Artificial Intelligence, Chicago, IL (pp. 1884-1885).
Riggio, R. E., & Friedman, H. S. (1983). Individual differences and cues to deception. Journal of Personality and Social Psychology, 45(4), 899-915. https://doi.org/10.1037/0022-3514.45.4.899
Rowe, N. C., & Rrushi, J. (2016). Introduction to cyberdeception. Cham: Springer. https://doi.org/10.1007/978-3-319-41187-3
Sanner, S., Anderson, J. R., Lebiere, C., & Lovett, M. C. (2000). Achieving efficient and cognitively plausible learning in Backgammon. In P. Langley (Ed.), Proceedings of the seventeenth international conference on machine learning. San Francisco: Morgan Kaufmann. https://doi.org/10.1184/R1/6613298.v1
Shieh, E., An, B., Yang, R., Tambe, M., Baldwin, C., & Meyer, G. (2012). PROTECT: A deployed game theoretic system to protect the ports of the United States. In Proceedings of the 11th International Conference on Autonomous Agents and Multiagent Systems (AAMAS), Valencia, Spain (pp. 13-20).
Simon, H. A. (1956). Rational choice and the structure of the environment. Psychological Review, 63(2), 129-138. https://doi.org/10.1037/h0042769
Sinha, A., Fang, F., An, B., Kiekintveld, C., & Tambe, M. (2018). Stackelberg Security Games: Looking beyond a decade of success. Proceedings of the 27th international joint conference on artificial intelligence, Stockholm, Sweden (pp. 5494-5501). https://doi.org/10.24963/ijcai.2018/775
Somers, S., Mitsopoulos, K., Lebiere, C., & Thomson, R. (2019). Cognitive-level salience for explainable artificial intelligence. Proceedings of the 17th Annual Meeting of the International Conference on Cognitive Modeling, Montreal, Quebec, Canada.
Stech, F. J., Heckman, K. E., & Strom, B. E. (2016). Integrating cyber-D&D into adversary modeling for active cyber defense. In S. Jajodia, V. Subrahmanian, V. Swarup & C. Wang (Eds.), Cyber deception (pp. 1-22). Cham: Springer. https://doi.org/10.1007/978-3-319-32699-3_1
Tambe, M. (2011). Security and game theory: Algorithms, deployed systems, lessons learned. Cambridge: Cambridge University Press. https://doi.org/10.1017/CBO9780511973031
Thakoor, O., Jabbari, S., Aggarwal, P., Gonzalez, C., Tambe, M., & Vayanos, P. (2020). Exploiting bounded rationality in risk-based cyber camouflage games. In Q. Zhu, J. S. Baras, R. Poovendran & J. Chen (Eds.), Decision and game theory for security. GameSec 2020. Lecture Notes in Computer Science, 12513 (pp. 103-124). Cham: Springer. https://doi.org/10.1007/978-3-030-64793-3_6
West, R. L., & Lebiere, C. (2001). Simple games as dynamic, coupled systems: Randomness and other emergent properties. Journal of Cognitive Systems Research, 1(4), 221-239. https://doi.org/10.1016/S1389-0417(00)00014-0
Xu, H., Rabinovich, Z., Dughmi, S., & Tambe, M. (2015). Exploring information asymmetry in two-stage security games. Proceedings of the National Conference on Artificial Intelligence, Austin, TX, USA (pp. 1057-1063).