This book, structured as an edited volume, consists of 12 chapters organized into four key themes: Theoretical Foundations, Human Factors, Application Domains, and Future Challenges. It highlights the dynamic and interdisciplinary nature of cyber deception research, offering insights into diverse application areas such as industrial control systems and AI security.
Cyber deception has emerged as a critical strategy for defending digital assets across academia, industry, and government. By creating false information, deceptive environments, or misleading signals, it aims to confuse, delay, or misdirect adversaries while simultaneously gathering intelligence on their tactics. This proactive approach shifts the traditional information advantage from attackers to defenders, strengthening cybersecurity resilience.
Designed as a foundational resource, this book is particularly valuable for students and early-career researchers seeking to understand cyber deception and identify pressing research challenges. It emphasizes the need for context-aware and adaptive strategies to counter the ever-evolving tactics of cyber adversaries. Furthermore, this book advocates for leveraging emerging technologies and interdisciplinary approaches to advance deception techniques. By addressing both current and future challenges, this volume provides a comprehensive roadmap for enhancing cyber deception strategies and fostering the development of more robust and resilient cybersecurity defences.
Section 1: Modeling and Analysis.
Chapter 1: Overview and challenges of
modeling and analysis for cyber deception.
Chapter 2: Game-theoretic models
for cyber deception.
Chapter 3: Formal methods and their applications.-
Chapter 4: Data science and machine learning for cyber deception.- Section 2:
Human Factors.
Chapter 5: Overview and challenges of human factors for
cyber deception.
Chapter 6: Cognitive vulnerabilities.
Chapter 7: Human
bounded rationality biases.
Chapter 8: Human modeling and data science.-
Section 3: Design and Practice.
Chapter 9: Overview and challenges of design
and practice.
Chapter 10: MITRE framework for cyber deception.
Chapter 11:
Practical tools and experiments.
Chapter 12: Design considerations for cyber
deception solutions.- Section 4: Convergent Scientific Foundations.
Chapter
13: Overview and the need for a convergent science.
Chapter 14: Convergent
Foundation for defensive deception for industrial control systems.
Chapter
15: Convergent Foundation for automated deception of cyber malware.
Chapter
16: Convergent Foundation for defensive cognitive security.
Chapter 17:
Conclusions and Perspectives.
Quanyan Zhu is an Associate Professor in the Department of Electrical and Computer Engineering at New York University (NYU). He is also the director of the Laboratory for Agile and Resilient Complex Systems (LARX), which focuses on addressing security and resilience challenges in robotics, industrial control systems, manufacturing systems, Internet of Things (IoT), cyber-physical systems, and critical infrastructures. Dr. Zhu earned his Ph.D. in Electrical and Computer Engineering from the University of Illinois at Urbana-Champaign in 2013, a Masters degree from the University of Toronto, and a Bachelors degree in Electrical Engineering from McGill University.
He has held positions as a Postdoctoral Research Associate at Princeton University and Visiting Researcher roles at institutions such as INRIA, the University of Houston, and the University of Waterloo. His research interests span optimal control, game theory, reinforcement learning, network security/privacy, and resilient control systems. Dr. Zhu has received multiple best paper awards and a National Science Foundation (NSF) CAREER Award. He has published extensively and is actively involved in advancing cybersecurity and complex systems research.
Dr. Zhuo Lu is an Associate Professor in the Department of Electrical Engineering at the University of South Florida (USF) and leads the Communications, Security, and Analytics (CSA) Lab. He is also affiliated with CyberFlorida and holds a courtesy appointment with USFs Department of Computer Science and Engineering. Dr. Lu earned his Ph.D. from North Carolina State University in 2013. His research focuses on wireless mobile design/security, IoT, cyber-physical systems, and secure AI systems. His work has been supported by prominent organizations like NSF, ARO, ONR, DOE, and CyberFlorida. Dr. Lu has received several prestigious awards, including the NSF CISE CRII Award (2016), IEEE GlobalSIP Best Paper Award (2019), and NSF CAREER Award (2021). He is a Senior Member of IEEE and serves as an Associate Editor for IEEE Transactions on Dependable and Secure Computing. Additionally, he actively teaches courses related to computer networks, cryptography, and wireless security at USF.
Paul L. Yu received a Ph.D. degree in electrical engineering from the University of Maryland at College Park. He is the Program Manager for Information Assurance at the U.S. Army Combat Capabilities Development Command Army Research Laboratory (DEVCOM ARL) Army Research Office (ARO). This research program concentrates on funding cutting edge research in several domains, primarily conducted at U.S. universities, that enables complex systems to survive and recover from sophisticated adversarial disruption while accomplishing their missions. He has held technical leadership roles in several programs such as Cyber Security Collaborative Research Alliance and The Technical Cooperation Program. His work advances cyber security and signal processing for secure tactical networks, and he holds several patents in these areas.
Dr. Cliff Wang graduated from North Carolina State University with a PhD in computer engineering. He has been carrying out research in the area of computer vision, medical imaging analysis, high speed networks, and most recently cyber security. He has authored technical papers on these areas in refereed journal, conferences, and symposiums and gave several keynote speeches. Dr. Wang authored/edited more than 20 books in the area of cyber security and holds 4 US patents on network security system development. Since 2003, Dr. Wang has been managing extramural research portfolio and leading cyber security research at funding agencies. Dr. Wang holds appointment at both Department of Computer Science and Department of Electrical and Computer Engineering at North Carolina State University. Dr. Wang is a Fellow of IEEE and AAAS.
