Defensive Deception in Network Security ‒ Concepts and Game ‒ Theoretic Approaches

Florea, Răzvan; Craus, Mitică

doi:10.2478/raft-2025-0063

Abstract

Defensive Deception is an advanced strategy in network security that aims to mislead, confuse, or delay cyber adversaries by introducing uncertainty and manipulating attacker perceptions. Unlike traditional defense mechanisms that focus on detection and prevention, deceptive techniques ‒ such as honeypots, honeytokens, moving target defense, and decoy systems ‒ proactively shape attacker behavior and create a more complex threat landscape. A critical aspect of modern defensive deception is the integration of game-theoretic models, which provide a rigorous mathematical framework for analyzing interactions between attackers and defenders. These models help in designing optimal deception strategies by anticipating adversary actions and balancing the trade-offs between risk, cost, and information gain. By leveraging deception and strategic reasoning, defenders can increase the attacker’s cognitive and operational burden, shift the asymmetry in cyber conflict, and significantly enhance the resilience of network systems.

References

Aggarwal, P., Gonzalez, C., & Dutt, V. (2016). Cyber-security: Role of deception in cyber-attack detection. In Marciniak R, editor. Advances in Human Factors in Cybersecurity. Cham: Springer; pp. 85-96. Available at: https://doi.org/10.1007/978-3-319-41932-9_8.
Search in Google Scholar Back to article
Almeshekah, M.H., & Spafford, E.H. (2014). Planning and integrating deception into computer security defenses. Proceedings of the New Security Paradigms Workshop, 127-138. Available at: https://doi.org/10.1145/2683467.2683482.
Search in Google Scholar Back to article
Almeshekah, M.H., & Spafford, E.H. (2016). Cyber security deception. In Almeshekah MH, Spafford EH, editors. Cyber Deception. Cham: Springer, 23-50. Available at: https://doi.org/10.1007/978-3-319-32699-3_2.
Search in Google Scholar Back to article
Anwar, A.H., & Kamhoua, C. (2020). Game theory on attack graph for cyber deception. Proceedings of the International Conference on Decision and Game Theory for Security, 445-456. Available at: https://doi.org/10.1007/978-3-030-64793-3_24.
Search in Google Scholar Back to article
Borello, J.M., & Mè L.(2008). Code obfuscation techniques for metamorphic viruses. J Com-put Virol, 4(3), 211-220. Available at: https://doi.org/10.1007/s11416-008-0084-2.
Search in Google Scholar Back to article
Chan, J.-T., & Yang, W. (2004). Advanced obfuscation techniques for Java bytecode. J Syst Softw, 71(1), 1-10. Available at: https://doi.org/10.1016/S0164-1212(02)00066-3.
Search in Google Scholar Back to article
Florea, R., & Craus, M. (2022a). Modeling an Enterprise Environment for Testing Openstack Cloud Platform against Low-Rate DDoS Attacks. 26th International Conference on System Theory, Control and Computing (ICSTCC). Available at: https://doi.org/10.1109/ICSTCC55426.2022.9931822.
Search in Google Scholar Back to article
Florea, R., & Craus, M. (2022b). A Game-Theoretic Approach for Network Security Using Honeypots. Future Internet, 14(12), 362. Available at: https://doi.org/10.3390/fi14120362.
Search in Google Scholar Back to article
Florea, R.; & Craus, M. (2025). Enhancing Network Security through Integration of Game Theory in Software-Defined Networking Framework. Springer Nature - International Journal of Information Security, Vol. 24. Available at: https://doi.org/10.1007/s10207-025-01012-4.
Search in Google Scholar Back to article
Jajodia, S, Ghosh, A.K., Subrahmanian, V.S., Swarup, V., Wang, C., & Wang, X. (2017). Aprobabilistic logic of cyber deception. IEEE Trans Inf Forensics Secure, 12(11), 2532-2544. Available at: https://doi.org/10.1109/TIFS.2017.2710945.
Search in Google Scholar Back to article
Jafarian, J.H., & Niakanlahiji, A. (2020). A deception planning framework for cyber defense. Proceedings of the 53rd Hawaii International Conference on System Sciences, 242. Available at: https://doi.org/10.24251/HICSS.2020.234.
Search in Google Scholar Back to article
Mao, D., Zhang, S., Zhang, L., & Feng, Y. (2019). Game theory based dynamic defense mechanism for SDN. Proceedings of the International Conference on Machine Learning for Cyber Security, 290-303. Available at: https://doi.org/10.1007/978-3-030-30619-9_21.
Search in Google Scholar Back to article
Nan, S., Brahma, S., Kamhoua, C.A., & Njilla, L.L. (2020). On Development of a Game-Theoretic Model for Deception-Based Security. In: Kamhoua CA, editor. Game Theory and Machine Learning for Cyber Security. Hoboken, NJ: Wiley. pp. 123-140. DOI: 10.1002/9781119593386.ch6.
Search in Google Scholar Back to article
Pawlick, J., & Zhu, Q. (2015). Deception by design: Evidence-based signaling games for network defense. Cornel University, Computer Science. Available at: https://doi.org/10.48550/arXiv.1503.05458.
Search in Google Scholar Back to article
Pawlick, J., Farhang, S., & Zhu, Q. (2015). Flip the cloud: Cyber-physical signaling games in the presence of advanced persistent threats. Proceedings of the International Conference on Decision and Game Theory for Security, 289-308. Available at: https://doi.org/10.48550/arXiv.1507.00576.
Search in Google Scholar Back to article
Rowe, N.C., & Rrushi, J.(2016). Introduction to Cyberdeception. Heidelberg: Springer Nature. Available at: https://doi.org/10.1007/978-3-319-41187-3.
Search in Google Scholar Back to article
Ward, B.C., et al. (2018). Survey of cyber moving targets second edition. MIT Lincoln Lab, Cambridge, MA, USA. Report No.: 1228.
Search in Google Scholar Back to article
You, I., & Yim, K. (2010). Malware obfuscation techniques: A brief survey. Proceedings of the International Conference on Broadband, Wireless Computing, Communication and Applications, 297-300. Available at: https://doi.rog/10.1109/BWCCA.2010.85.
Search in Google Scholar Back to article