Cyber-Security: Role of Deception in Cyber-Attack Detection

摘要

Cyber-attacks are increasing in the real-world and cause widespread damage to cyber-infrastructure and loss of information. Deception, i.e., actions to promote the beliefs of things that are not true, could be a way of countering cyber-attacks. In this paper, we propose a deception game, which we use to evaluate the decision making of a hacker in the presence of deception. In an experiment, using the deception game, we analyzed the effect of two between-subjects factors in Hacker's decisions to attack a computer network (N= 100 participants): amount of deception used and the timing of deception. The amount of deception used was manipulated at 2-levels: low and high. The timing of deception use was manipulated at 2-levels: early and late. Results revealed that using late and high deception condition, proportion of not attack actions by hackers are higher. Our results suggest that deception acts as a deterrence strategy for hacker.