REVIEW
Not yet reviewed by Pith; the record is open.
This paper has not been read by Pith yet. Machine review is queued; the pith claim, tier, and objections will appear here once it completes.
SPECIMEN: schema-true, not a live event
T0 review · schema-true
One-sentence machine reading of the paper's core claim.
pith:XXXXXXXX · record.json · timestamp
When to Deceive: A Cross-Layer Stackelberg Game Framework for Strategic Timing of Cyber Deception
read the original abstract
Cyber deception is an emerging proactive defense strategy to counter increasingly sophisticated attacks such as Advanced Persistent Threats (APTs) by misleading and distracting attackers from critical assets. However, since deception techniques incur costs and may lose effectiveness over time, defenders must strategically time and select them to adapt to the dynamic system and the attacker's responses. In this study, we propose a Stackelberg game-based framework to design strategic timing for cyber deception: the lower tactical layer (follower) captures the evolving attacker-defender dynamics under a given deception through a one-sided information Markov game, while the upper strategic layer (leader) employs a stopping-time decision process to optimize the timing and selection of deception techniques. We also introduce a computational algorithm that integrates dynamic programming and belief-state updates to account for the attacker's adaptive behavior and limited deception resources. Numerical experiments validate the framework, showing that strategically timed deceptions can enhance the defender's expected utility and reduce the risk of asset compromise compared to baseline strategies.
discussion (0)
Sign in with ORCID, Apple, or X to comment. Anyone can read and Pith papers without signing in.