Pith. sign in

REVIEW

Not yet reviewed by Pith; the record is open.

This paper has not been read by Pith yet. Machine review is queued; the pith claim, tier, and objections will appear here once it completes.

SPECIMEN: schema-true, not a live event

T0 review · schema-true

One-sentence machine reading of the paper's core claim.

pith:XXXXXXXX · record.json · timestamp

arxiv 2505.21244 v1 pith:MZXRJIYU submitted 2025-05-27 cs.GT

When to Deceive: A Cross-Layer Stackelberg Game Framework for Strategic Timing of Cyber Deception

classification cs.GT
keywords deceptioncyberframeworkstrategictimingattackerdynamicgame
verification ladder T0 review T1 audit T2 compute T3 formal T4 reserved
0 comments
read the original abstract

Cyber deception is an emerging proactive defense strategy to counter increasingly sophisticated attacks such as Advanced Persistent Threats (APTs) by misleading and distracting attackers from critical assets. However, since deception techniques incur costs and may lose effectiveness over time, defenders must strategically time and select them to adapt to the dynamic system and the attacker's responses. In this study, we propose a Stackelberg game-based framework to design strategic timing for cyber deception: the lower tactical layer (follower) captures the evolving attacker-defender dynamics under a given deception through a one-sided information Markov game, while the upper strategic layer (leader) employs a stopping-time decision process to optimize the timing and selection of deception techniques. We also introduce a computational algorithm that integrates dynamic programming and belief-state updates to account for the attacker's adaptive behavior and limited deception resources. Numerical experiments validate the framework, showing that strategically timed deceptions can enhance the defender's expected utility and reduce the risk of asset compromise compared to baseline strategies.

discussion (0)

Sign in with ORCID, Apple, or X to comment. Anyone can read and Pith papers without signing in.