In the context of team Cornet’s seminars, Olivier Tsemogne (LIA) will present his research work on Game Theory for Cyber Deception against Network SIR Epidemics, on December 12, 2022, at 11:35 in the meeting room.
Abstract: One of the deleterious aspects of the evolution of information and communication technologies is the combination of efficiency and effectiveness in the malware spread, which clearly constitutes a threat to the security of the users of these technologies. The term “user” here covers individuals, companies, governmental or non-governmental organizations, states, in short, any person or group of persons who communicate using the new technologies. Among these threats, we can cite rumors in a social network and the stealthy recruitment of naive users into a cyber terrorist army capable, for example, of causing serious damage to a company whose services are used by these same users. In these two cases, as in many others, users, tricked by skilled experts, participate against their will and against their own interest in a cyber attack of which they are not aware, the bearer of the attack being deception. Moreover, cybercriminals, unlike cyber defenders, violate the rules of privacy and are therefore the best, if not the only, informed of the vulnerability of the target of influence. Various game models have been proposed in the literature that approach epidemic control from a game theory perspective. Stochastic games (SGs) are the most appropriate for two main reasons: (1) they focus on the global outcome, called utility, rather than the reward of the current game stage; (2) they assume the inability of the players to control the evolution of the system, which reflects the naivety of the users. When they also take into account the asymmetry related to the fact that the attackers are the only ones to know about the vulnerability of the potential targets, they are said to be partially observable (POSGs). The existence of the epidemic can be explained by the naivety of the users, which is exploited by cheaters. The only way to stop the cheaters is to ambush them. Since the process is open-ended and the attackers know the result of their evaluation at each move, we propose to use a subtle ambush whose positioning strategy will not be inferred by the attackers. This assumption sets us apart from classical two-player zero-sum POSGs, in which the player who knows the state of the system can infer the action of his opponent. We propose a game model between a defender cyber deceiving an attacker who cyber deceives naive users.This is a two-player zero-sum POSG in which only one player has complete information and no player has perfect information. We also address the utility by taking into account that players are not interested in the sum of the step outcomes, but rather in the most critical outcome of the process. We also address the notion of utility by taking into account that players are not interested in the sum of step outcomes, but rather in the most critical outcome of the process. Finally, we propose a Bayesian game model (BG) that is based on the topology of the network to solve the active and stealthy propagation of the epidemic. We show that the algorithm for solving classical POSGs holds for our new POSG model, even when utility is seen as the most critical value of the process, and then we significantly increase the scalability of the solution by solving the Bayesian game. In addition to improving cybersecurity by integrating cyber deception into epidemic control, this work proposes, on the one hand, a novel idea for solving stochastic games whose utility is the extremum, on the other hand, one to improve the scalability of the value iteration algorithm by transforming an SG on a network into a centrality game.