Deception and magic in collaborative interaction
Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
iTrust'05 Proceedings of the Third international conference on Trust Management
Manipulation as a security mechanism in sensor networks
SBP'10 Proceedings of the Third international conference on Social Computing, Behavioral Modeling, and Prediction
Explicit authentication response considered harmful
Proceedings of the 2013 workshop on New security paradigms workshop
| Hi-index | 0.00 |
Since attackers trust computer systems to tell them the truth, it may be effective for those systems to lie or mislead. This could waste the attacker's resources while permitting time to organize a better defense, and would provide a second line of defense when access controls have been breached. We propose here a probabilistic model of attacker beliefs in each of a set of "generic excuses" (including deception) for their inability to accomplish their goals. We show how the model can be updated by evidence presented to the attacker and feedback from the attacker's own behavior. We show some preliminary results with human subjects supporting our theory. We show how this analysis permits choosing appropriate times and methods to deceive the attacker.