Optimal Resource Allocation for Proactive Defense with Deception in Probabilistic Attack Graphs

This paper investigates the problem of synthesizing proactive defense systems with deception. We model the interaction between the attacker and the system using a formal security model: a probabilistic attack graph. By allocating fake targets/decoys, the defender aims to distract the attacker from compromising true targets. By increasing the cost of some attack actions, the defender aims to discourage the attacker from committing to certain policies. To optimally deploy limited decoy resources and modify attack action costs with operational constraints, we formulate the synthesis problem as a bi-level optimization problem, while the defender designs the system, in anticipation of the attacker's best response given that the attacker has disinformation about the system due to the use of decoys. We investigate the bi-level optimization formulation against both rational and bounded rational attackers. We show the problem against a rational attacker can be formulated as a bi-level linear program. For attackers with bounded rationality, we show that under certain assumptions, the problem can be transformed into a constrained optimization problem. We proposed an algorithm to approximately solve this constrained optimization problem using a novel projected gradient ascent based on the idea of incentive-design. We demonstrate the effectiveness of the proposed methods using experiments and provide our insights in defense design against rational and bounded rational attackers.