Markov Decision Process for Modeling Social Engineering Attacks and Finding Optimal Attack Strategies

Faranak Abri, Jianjun Zheng, Akbar Siami Namin, Keith S. Jones

Research output: Contribution to journalArticlepeer-review

Abstract

This paper emphasizes the importance of understanding an attacker's behavior and capabilities to enhance security measures. Attackers often engage in reconnaissance, gathering sensitive information before launching attacks. Social engineering, drawing from deception theory, is a potent approach for collecting such data. The paper employs a Markov Decision Process (MDP) to model attacker states and their decisions regarding deception attacks. The study explores cooperation and deception costs in attacker decision-making. The findings reveal that the optimal strategy for truthfulness or deceit depends on the cost of deception and the attacker's risk tolerance. When cooperation costs are low, attackers tend to cooperate more to gain trust. Conversely, when cooperation costs are high, attackers opt for deception earlier to minimize interaction costs and maximize attack impact. The paper presents case studies and simulations illustrating the trade-off between cooperative and deceptive actions based on attacker costs.
Original languageEnglish
Pages (from-to)109949-109968
Number of pages20
JournalIEEE Access
Volume10
DOIs
StatePublished - 2022

ASJC Scopus Subject Areas

  • General Computer Science
  • General Materials Science
  • General Engineering

Keywords

  • Attack strategy
  • MDP
  • Markov decision process
  • cooperative
  • deceptive
  • optimal solution
  • social engineering attacks

Cite this