Lie Another Day: Demonstrating Bias in a Multi-round Cyber Deception Game of Questionable Veracity

Prior work has explored the use of defensive cyber deception to manipulate the information available to attackers and to proactively lie on behalf of both real and decoy systems. Such approaches can provide advantages to defenders by delaying attacker forward progress and thereby decreasing or eliminating attacker payoffs. In this work, we expand previous work by incorporating new parameters relating to attacker costs and choices. The extended model includes attacker costs for probing a system to learn its declared type (“real” or “fake”) and allows an attacker to proactively choose to leave the game early by walking away. While these additional parameters represent extensions to our prior model, they are key to understanding attacker behavior when confronted with deceptive cyber defenses. We first present the extended model and an analysis of the expected rewards for rational players. We then present the behavior of an adaptive attacker in a Markov Decision Process (MDP) simulation. Lastly, we relate our analytic and empirical findings to cognitive bias effects and speculate on how the manipulation of game parameters may be used in future work to both estimate and trigger bias effects during defender-attacker interactions.