Coordinated Multi-Domain Deception: A Stackelberg Game Approach

• URL: http://arxiv.org/abs/2601.02596v1
• Date: Mon, 05 Jan 2026 23:04:13 GMT
• Title: Coordinated Multi-Domain Deception: A Stackelberg Game Approach
• Authors: Md Abu Sayed, Asif Rahman, Ahmed Hemida, Christopher Kiekintveld, Charles Kamhoua,
• Abstract summary: We introduce a Stackelberg game framework to model the strategic interaction between defenders and attackers.<n>We propose a CVE-based utility function to identify the most critical vulnerabilities.
• Score: 0.5499187928849247
• License: http://creativecommons.org/licenses/by/4.0/
• Abstract: This paper explores coordinated deception strategies by synchronizing defenses across coupled cyber and physical systems to mislead attackers and strengthen defense mechanisms. We introduce a Stackelberg game framework to model the strategic interaction between defenders and attackers, where the defender leverages CVSS-based exploit probabilities and real-world vulnerability data from the National Vulnerability Database (NVD) to guide the deployment of deception. Cyber and physical replicas are used to disrupt attacker reconnaissance and enhance defensive effectiveness. We propose a CVE-based utility function to identify the most critical vulnerabilities and demonstrate that coordinated multilayer deception outperforms single-layer and baseline strategies in improving defender utility across both CVSS versions.

Related papers

• Be Your Own Red Teamer: Safety Alignment via Self-Play and Reflective Experience Replay [19.431152130507648]
  Large Language Models (LLMs) have achieved remarkable capabilities but remain vulnerable to adversarial jailbreak'' attacks.<n>This paper introduces Safety Self- Play (SSP), a system that acts as both the Attacker (generating jailbreaks) and the Defender (refusing harmful requests)<n>SSP autonomously evolves robust defense capabilities, significantly outperforming baselines trained on static adversarial datasets.
  arXiv  Detail & Related papers  (2026-01-15T17:00:16Z)
• Adversarial Attack-Defense Co-Evolution for LLM Safety Alignment via Tree-Group Dual-Aware Search and Optimization [51.12422886183246]
  Large Language Models (LLMs) have developed rapidly in web services, delivering unprecedented capabilities while amplifying societal risks.<n>Existing works tend to focus on either isolated jailbreak attacks or static defenses, neglecting the dynamic interplay between evolving threats and safeguards in real-world web contexts.<n>We propose ACE-Safety, a novel framework that jointly optimize attack and defense models by seamlessly integrating two key innovative procedures.
  arXiv  Detail & Related papers  (2025-11-24T15:23:41Z)
• Debiased Dual-Invariant Defense for Adversarially Robust Person Re-Identification [52.63017280231648]
  Person re-identification (ReID) is a fundamental task in many real-world applications such as pedestrian trajectory tracking.<n>Person ReID models are highly susceptible to adversarial attacks, where imperceptible perturbations to pedestrian images can cause entirely incorrect predictions.<n>We propose a dual-invariant defense framework composed of two main phases.
  arXiv  Detail & Related papers  (2025-11-13T03:56:40Z)
• CyGATE: Game-Theoretic Cyber Attack-Defense Engine for Patch Strategy Optimization [73.13843039509386]
  This paper presents CyGATE, a game-theoretic framework modeling attacker-defender interactions.<n>CyGATE frames cyber conflicts as a partially observable game (POSG) across Cyber Kill Chain stages.<n>The framework's flexible architecture enables extension to multi-agent scenarios.
  arXiv  Detail & Related papers  (2025-08-01T09:53:06Z)
• Slot: Provenance-Driven APT Detection through Graph Reinforcement Learning [24.84110719035862]
  Advanced Persistent Threats (APTs) represent sophisticated cyberattacks characterized by their ability to remain undetected for extended periods.<n>We propose Slot, an advanced APT detection approach based on provenance graphs and graph reinforcement learning.<n>We show Slot's outstanding accuracy, efficiency, adaptability, and robustness in APT detection, with most metrics surpassing state-of-the-art methods.
  arXiv  Detail & Related papers  (2024-10-23T14:28:32Z)
• Optimizing Cyber Defense in Dynamic Active Directories through Reinforcement Learning [10.601458163651582]
  This paper addresses the absence of effective edge-blocking ACO strategies in dynamic, real-world networks. It specifically targets the cybersecurity vulnerabilities of organizational Active Directory (AD) systems. Unlike the existing literature on edge-blocking defenses which considers AD systems as static entities, our study counters this by recognizing their dynamic nature.
  arXiv  Detail & Related papers  (2024-06-28T01:37:46Z)
• The Adaptive Arms Race: Redefining Robustness in AI Security [21.759075171536388]
  We introduce a framework for adaptively optimizing black-box attacks and defenses under the competitive game they form.<n>We find that active defenses, those that dynamically control system responses, are an essential complement to model hardening against decision-based attacks.<n>Our findings, supported by an extensive theoretical and empirical investigation, confirm that adaptive adversaries pose a serious threat to black-box AI-based systems.
  arXiv  Detail & Related papers  (2023-12-20T21:24:52Z)
• BadCLIP: Dual-Embedding Guided Backdoor Attack on Multimodal Contrastive Learning [85.2564206440109]
  This paper reveals the threats in this practical scenario that backdoor attacks can remain effective even after defenses. We introduce the emphtoolns attack, which is resistant to backdoor detection and model fine-tuning defenses.
  arXiv  Detail & Related papers  (2023-11-20T02:21:49Z)
• Untargeted White-box Adversarial Attack with Heuristic Defence Methods in Real-time Deep Learning based Network Intrusion Detection System [0.0]
  In Adversarial Machine Learning (AML), malicious actors aim to fool the Machine Learning (ML) and Deep Learning (DL) models to produce incorrect predictions. AML is an emerging research domain, and it has become a necessity for the in-depth study of adversarial attacks. We implement four powerful adversarial attack techniques, namely, Fast Gradient Sign Method (FGSM), Jacobian Saliency Map Attack (JSMA), Projected Gradient Descent (PGD) and Carlini & Wagner (C&W) in NIDS.
  arXiv  Detail & Related papers  (2023-10-05T06:32:56Z)
• Fixed Points in Cyber Space: Rethinking Optimal Evasion Attacks in the Age of AI-NIDS [70.60975663021952]
  We study blackbox adversarial attacks on network classifiers. We argue that attacker-defender fixed points are themselves general-sum games with complex phase transitions. We show that a continual learning approach is required to study attacker-defender dynamics.
  arXiv  Detail & Related papers  (2021-11-23T23:42:16Z)
• A Self-supervised Approach for Adversarial Robustness [105.88250594033053]
  Adversarial examples can cause catastrophic mistakes in Deep Neural Network (DNNs) based vision systems. This paper proposes a self-supervised adversarial training mechanism in the input space. It provides significant robustness against the textbfunseen adversarial attacks.
  arXiv  Detail & Related papers  (2020-06-08T20:42:39Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.