{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,10,16]],"date-time":"2025-10-16T14:01:51Z","timestamp":1760623311200,"version":"3.40.3"},"publisher-location":"Cham","reference-count":35,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783031263682"},{"type":"electronic","value":"9783031263699"}],"license":[{"start":{"date-parts":[[2023,1,1]],"date-time":"2023-01-01T00:00:00Z","timestamp":1672531200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2023,1,1]],"date-time":"2023-01-01T00:00:00Z","timestamp":1672531200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2023]]},"DOI":"10.1007\/978-3-031-26369-9_5","type":"book-chapter","created":{"date-parts":[[2023,2,8]],"date-time":"2023-02-08T12:43:17Z","timestamp":1675860197000},"page":"87-106","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":1,"title":["Using Deception in\u00a0Markov Game to\u00a0Understand Adversarial Behaviors Through a\u00a0Capture-The-Flag Environment"],"prefix":"10.1007","author":[{"given":"Siddhant","family":"Bhambri","sequence":"first","affiliation":[]},{"given":"Purv","family":"Chauhan","sequence":"additional","affiliation":[]},{"given":"Frederico","family":"Araujo","sequence":"additional","affiliation":[]},{"given":"Adam","family":"Doup\u00e9","sequence":"additional","affiliation":[]},{"given":"Subbarao","family":"Kambhampati","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2023,2,9]]},"reference":[{"key":"5_CR1","unstructured":"Abbasi, Y., et al.: Know your adversary: insights for a better adversarial behavioral model. In: CogSci (2016)"},{"key":"5_CR2","doi-asserted-by":"crossref","unstructured":"Conitzer, V., Sandholm, T.: Computing the optimal strategy to commit to. In: Proceedings of the 7th ACM Conference on Electronic Commerce, pp. 82\u201390 (2006)","DOI":"10.1145\/1134707.1134717"},{"key":"5_CR3","doi-asserted-by":"crossref","unstructured":"Heckman, K.E., Stech, F.J., Thomas, R.K., Schmoker, B., Tsow, A.W.: Cyber denial, deception and counter deception: a framework for supporting active cyber defense. Adv. Inf. Secur. 64 (2015)","DOI":"10.1007\/978-3-319-25133-2"},{"key":"5_CR4","doi-asserted-by":"crossref","unstructured":"Araujo, F., Hamlen, K.W., Biedermann, S., Katzenbeisser, S.: From patches to honey-patches: lightweight attacker misdirection, deception, and disinformation. In: Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security, pp. 942\u2013953 (2014)","DOI":"10.1145\/2660267.2660329"},{"key":"5_CR5","doi-asserted-by":"crossref","unstructured":"Araujo, F., Sengupta, S., Jang, J., Doup\u00e9, A., Hamlen, K.W., Kambhampati, S.: Software deception steering through version emulation. In: HICSS, pp. 1\u201310 (2021)","DOI":"10.24251\/HICSS.2021.243"},{"issue":"4","key":"5_CR6","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/3214305","volume":"51","author":"X Han","year":"2018","unstructured":"Han, X., Kheir, N., Balzarotti, D.: Deception techniques in computer security: a research perspective. ACM Comput. Surv. 51(4), 1\u201336 (2018)","journal-title":"ACM Comput. Surv."},{"key":"5_CR7","doi-asserted-by":"crossref","unstructured":"Almeshekah, M.H., Spafford, E.H.: Planning and integrating deception into computer security defenses. In: Proceedings of the New Security Paradigms Workshop, pp. 127\u2013138 (2014)","DOI":"10.1145\/2683467.2683482"},{"key":"5_CR8","doi-asserted-by":"publisher","first-page":"203","DOI":"10.1007\/978-3-319-32699-3_9","volume-title":"Cyber Deception","author":"F Araujo","year":"2016","unstructured":"Araujo, F., Hamlen, K.W.: Embedded honeypotting. In: Jajodia, S., Subrahmanian, V.S.S., Swarup, V., Wang, C. (eds.) Cyber Deception, pp. 203\u2013233. Springer, Cham (2016). https:\/\/doi.org\/10.1007\/978-3-319-32699-3_9"},{"key":"5_CR9","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"492","DOI":"10.1007\/978-3-030-32430-8_29","volume-title":"Decision and Game Theory for Security","author":"S Sengupta","year":"2019","unstructured":"Sengupta, S., Chowdhary, A., Huang, D., Kambhampati, S.: General sum Markov games for strategic detection of advanced persistent threats using moving target defense in cloud networks. In: Alpcan, T., Vorobeychik, Y., Baras, J.S., D\u00e1n, G. (eds.) GameSec 2019. LNCS, vol. 11836, pp. 492\u2013512. Springer, Cham (2019). https:\/\/doi.org\/10.1007\/978-3-030-32430-8_29"},{"key":"5_CR10","unstructured":"Trickel, E., et al.: Shell we play a game? CTF-as-a-service for security education. In: 2017 USENIX Workshop on Advances in Security Education (ASE 17), Vancouver, BC (2017)"},{"key":"5_CR11","unstructured":"Vigna, G., et al.: Ten years of iCTF: the good, the bad, and the ugly. In: 2014 USENIX Summit on Gaming, Games, and Gamification in Security Education, 3GSE 2014 (2014)"},{"key":"5_CR12","doi-asserted-by":"crossref","unstructured":"Araujo, F., Taylor, T.: Improving cybersecurity hygiene through JIT patching. In: Proceedings of the 28th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering, pp. 1421\u20131432 (2020)","DOI":"10.1145\/3368089.3417056"},{"key":"5_CR13","doi-asserted-by":"crossref","unstructured":"Taylor, T., Araujo, F., Shu, X.: Towards an open format for scalable system telemetry. In: 2020 IEEE International Conference on Big Data (Big Data), pp. 1031\u20131040 (2020)","DOI":"10.1109\/BigData50022.2020.9378294"},{"key":"5_CR14","unstructured":"SysFlow. Cloud-native system telemetry pipeline (2022). https:\/\/github.com\/sysflow-telemetry"},{"key":"5_CR15","unstructured":"Araujo, F., Taylor, T.: A pluggable edge-processing pipeline for SysFlow. In FloCon (2021)"},{"key":"5_CR16","unstructured":"Durkota, K., Lis\u1ef3, V., Bo\u0161ansk\u1ef3, B., Kiekintveld, C.: Optimal network security hardening using attack graph games. In: Twenty-Fourth International Joint Conference on Artificial Intelligence (2015)d"},{"key":"5_CR17","unstructured":"Letchford, J., Vorobeychik, Y.: Optimal interdiction of attack plans. In: AAMAS, pp. 199\u2013206. Citeseer (2013)"},{"key":"5_CR18","doi-asserted-by":"crossref","unstructured":"Lallie, H.S., Debattista, K., Bal, J.: A review of attack graph and attack tree visual syntax in cyber security. Comput. Sci. Rev. 35, 100219 (2020)","DOI":"10.1016\/j.cosrev.2019.100219"},{"key":"5_CR19","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"623","DOI":"10.1007\/978-3-030-01554-1_36","volume-title":"Decision and Game Theory for Security","author":"A Basak","year":"2018","unstructured":"Basak, A., et al.: An initial study of targeted personality models in the FlipIt game. In: Bushnell, L., Poovendran, R., Ba\u015far, T. (eds.) GameSec 2018. LNCS, vol. 11199, pp. 623\u2013636. Springer, Cham (2018). https:\/\/doi.org\/10.1007\/978-3-030-01554-1_36"},{"key":"5_CR20","doi-asserted-by":"crossref","unstructured":"Littman, M.L.: Markov games as a framework for multi-agent reinforcement learning. In: Machine Learning Proceedings 1994, pp. 157\u2013163. Elsevier (1994)","DOI":"10.1016\/B978-1-55860-335-6.50027-1"},{"key":"5_CR21","doi-asserted-by":"crossref","unstructured":"Zhuang, R., Deloach, S., Ou, X.: Towards a theory of moving target defense. In: 2014 Proceedings of the ACM Conference on Computer and Communications Security, pp. 31\u201340 (2014)","DOI":"10.1145\/2663474.2663479"},{"key":"5_CR22","doi-asserted-by":"crossref","unstructured":"Taguinod, M., Doup\u00e9, A., Zhao, Z., Ahn, G.-J.: Toward a moving target defense for web applications. In: 2015 IEEE International Conference on Information Reuse and Integration, pp. 510\u2013517 (2015)","DOI":"10.1109\/IRI.2015.84"},{"key":"5_CR23","series-title":"EAI\/Springer Innovations in Communication and Computing","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1007\/978-3-030-19353-9_1","volume-title":"Advances in Cyber Security Analytics and Decision Systems","author":"ML Winterrose","year":"2020","unstructured":"Winterrose, M.L., Carter, K.M., Wagner, N., Streilein, W.W.: Adaptive attacker strategy development against moving target cyber defenses. In: Shandilya, S.K., Wagner, N., Nagar, A.K. (eds.) Advances in Cyber Security Analytics and Decision Systems. EICC, pp. 1\u201314. Springer, Cham (2020). https:\/\/doi.org\/10.1007\/978-3-030-19353-9_1"},{"key":"5_CR24","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"354","DOI":"10.1007\/978-3-030-90370-1_19","volume-title":"Decision and Game Theory for Security","author":"E Galinkin","year":"2021","unstructured":"Galinkin, E., Carter, J., Mancoridis, S.: Evaluating attacker risk behavior in an internet of things ecosystem. In: Bo\u0161ansk\u00fd, B., Gonzalez, C., Rass, S., Sinha, A. (eds.) GameSec 2021. LNCS, vol. 13061, pp. 354\u2013364. Springer, Cham (2021). https:\/\/doi.org\/10.1007\/978-3-030-90370-1_19"},{"key":"5_CR25","unstructured":"Zychowski, A., Mandziuk, J.: Learning attacker\u2019s bounded rationality model in security games. CoRR, abs\/2109.13036 (2021)"},{"issue":"2","key":"5_CR26","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1145\/3057268","volume":"50","author":"CT Do","year":"2017","unstructured":"Do, C.T., et al.: Game theory for cyber security and privacy. ACM Comput. Surv. 50(2), 1\u201337 (2017)","journal-title":"ACM Comput. Surv."},{"key":"5_CR27","unstructured":"Stransky, C., et al.: Lessons learned from using an online platform to conduct $$\\{$$Large-Scale$$\\}$$, online controlled security experiments with software developers. In: 10th USENIX Workshop on Cyber Security Experimentation and Test (CSET 2017) (2017)"},{"key":"5_CR28","doi-asserted-by":"crossref","unstructured":"Schwab, S., Kline, E.: Cybersecurity experimentation at program scale: guidelines and principles for future testbeds. In: 2019 IEEE European Symposium on Security and Privacy Workshops (EuroS &PW), pp. 94\u2013102. IEEE (2019)","DOI":"10.1109\/EuroSPW.2019.00017"},{"key":"5_CR29","unstructured":"Salem, M.B., Stolfo, S.J.: On the design and execution of $$\\{$$Cyber-Security$$\\}$$ user studies: methodology, challenges, and lessons learned. In: 4th Workshop on Cyber Security Experimentation and Test (CSET 2011) (2011)"},{"issue":"4","key":"5_CR30","doi-asserted-by":"publisher","first-page":"383","DOI":"10.1109\/TLT.2015.2424692","volume":"8","author":"K Salah","year":"2015","unstructured":"Salah, K., Hammoud, M., Zeadally, S.: Teaching cybersecurity using the cloud. IEEE Trans. Learn. Technol. 8(4), 383\u2013392 (2015)","journal-title":"IEEE Trans. Learn. Technol."},{"issue":"1","key":"5_CR31","doi-asserted-by":"publisher","first-page":"73","DOI":"10.1109\/MSP.2012.23","volume":"10","author":"J Mirkovic","year":"2012","unstructured":"Mirkovic, J., Benzel, T.: Teaching cybersecurity with DeterLab. IEEE Secur. Priv. 10(1), 73\u201376 (2012)","journal-title":"IEEE Secur. Priv."},{"key":"5_CR32","doi-asserted-by":"crossref","unstructured":"M\u00e4ses, S., Kikerpill, K., J\u00fcristo, K., Maennel, O.: Mixed methods research approach and experimental procedure for measuring human factors in cybersecurity using phishing simulations. In: 18th European Conference on Research Methodology for Business and Management Studies, p. 218 (2019)","DOI":"10.34190\/RM.19.097"},{"key":"5_CR33","unstructured":"Kavak, H., Padilla, J.J., Vernon-Bido, D., Gore, R., Diallo, S.: A characterization of cybersecurity simulation scenarios. In: SpringSim (CNS) (2016)"},{"key":"5_CR34","doi-asserted-by":"crossref","unstructured":"Aljohani, A., Jones, J.: Conducting malicious cybersecurity experiments on crowdsourcing platforms. In: The 2021 3rd International Conference on Big Data Engineering, pp. 150\u2013161 (2021)","DOI":"10.1145\/3468920.3468942"},{"key":"5_CR35","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"47","DOI":"10.1007\/978-3-642-34210-3_4","volume-title":"Secure IT Systems","author":"T Sommestad","year":"2012","unstructured":"Sommestad, T., Hallberg, J.: Cyber security exercises and competitions as a platform for cyber security experiments. In: J\u00f8sang, A., Carlsson, B. (eds.) NordSec 2012. LNCS, vol. 7617, pp. 47\u201360. Springer, Heidelberg (2012). https:\/\/doi.org\/10.1007\/978-3-642-34210-3_4"}],"container-title":["Lecture Notes in Computer Science","Decision and Game Theory for Security"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-031-26369-9_5","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2023,2,8]],"date-time":"2023-02-08T13:05:14Z","timestamp":1675861514000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-031-26369-9_5"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023]]},"ISBN":["9783031263682","9783031263699"],"references-count":35,"URL":"https:\/\/doi.org\/10.1007\/978-3-031-26369-9_5","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2023]]},"assertion":[{"value":"9 February 2023","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"GameSec","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Decision and Game Theory for Security","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"PIttsburgh, PA","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"USA","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2022","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"26 October 2022","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"28 October 2022","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"13","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"gamesec2022","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/www.gamesec-conf.org\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Single-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Easychair","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"39","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"15","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"0","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"38% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"No","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}}]}}