{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,5]],"date-time":"2026-03-05T15:30:17Z","timestamp":1772724617239,"version":"3.50.1"},"reference-count":45,"publisher":"Wiley","issue":"1","license":[{"start":{"date-parts":[[2023,9,7]],"date-time":"2023-09-07T00:00:00Z","timestamp":1694044800000},"content-version":"vor","delay-in-days":249,"URL":"http:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"funder":[{"DOI":"10.13039\/501100001809","name":"National Natural Science Foundation of China","doi-asserted-by":"publisher","award":["62072467"],"award-info":[{"award-number":["62072467"]}],"id":[{"id":"10.13039\/501100001809","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/501100001809","name":"National Natural Science Foundation of China","doi-asserted-by":"publisher","award":["62002384"],"award-info":[{"award-number":["62002384"]}],"id":[{"id":"10.13039\/501100001809","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/501100012166","name":"National Key Research and Development Program of China","doi-asserted-by":"publisher","award":["2021YFB1006200"],"award-info":[{"award-number":["2021YFB1006200"]}],"id":[{"id":"10.13039\/501100012166","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/501100012166","name":"National Key Research and Development Program of China","doi-asserted-by":"publisher","award":["2021YFB1006201"],"award-info":[{"award-number":["2021YFB1006201"]}],"id":[{"id":"10.13039\/501100012166","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["onlinelibrary.wiley.com"],"crossmark-restriction":true},"short-container-title":["International Journal of Intelligent Systems"],"published-print":{"date-parts":[[2023,1]]},"abstract":"<jats:p>The existing cyber deception decision\u2010making model based on game theory primarily focuses on the selection of spatial strategies, which ignores the optimal defense timing and can affect the execution of a defense strategy. Consequently, this paper presents a method for selecting deception strategies based on a multi\u2010stage Flipit game. Firstly, based on the analysis of cyber deception attack and defense, we propose a concept of moving deception attack surface and analyze the characteristics of deception attack and defense interaction behaviors based on the Flipit game model. The Flipit game model is then utilized to create a single\u2010stage deception spatial\u2010temporal decision\u2010making model. Additionally, we introduce the discount factor and transition probability based on a single\u2010stage game model and construct a multi\u2010stage cyber deception model. We provide the utility function of the multi\u2010stage game model, and design a Proximal Policy Optimization algorithm based on deep reinforcement learning to compute the defender\u2019s optimal spatial\u2010temporal strategies. Finally, we utilize an application example to validate the effectiveness of the model and the advantages of the proposed algorithm in generating the multi\u2010stage cyber deception strategy.<\/jats:p>","DOI":"10.1155\/2023\/5560416","type":"journal-article","created":{"date-parts":[[2023,9,7]],"date-time":"2023-09-07T20:05:07Z","timestamp":1694117107000},"update-policy":"https:\/\/doi.org\/10.1002\/crossmark_policy","source":"Crossref","is-referenced-by-count":8,"title":["Flipit Game Deception Strategy Selection Method Based on Deep Reinforcement Learning"],"prefix":"10.1155","volume":"2023","author":[{"ORCID":"https:\/\/orcid.org\/0009-0002-8137-6423","authenticated-orcid":false,"given":"Weizhen","family":"He","sequence":"first","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0002-3231-6793","authenticated-orcid":false,"given":"Jinglei","family":"Tan","sequence":"additional","affiliation":[]},{"given":"Yunfei","family":"Guo","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0009-0000-9018-0815","authenticated-orcid":false,"given":"Ke","family":"Shang","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0009-0003-0040-4494","authenticated-orcid":false,"given":"Guanhua","family":"Kong","sequence":"additional","affiliation":[]}],"member":"311","published-online":{"date-parts":[[2023,9,7]]},"reference":[{"key":"e_1_2_11_1_2","doi-asserted-by":"publisher","DOI":"10.1109\/comst.2019.2891891"},{"key":"e_1_2_11_2_2","doi-asserted-by":"publisher","DOI":"10.1145\/3398036"},{"key":"e_1_2_11_3_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.jisa.2020.102582"},{"key":"e_1_2_11_4_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2021.102288"},{"key":"e_1_2_11_5_2","unstructured":"PawlickJ.andZhuQ. Deception by design: evidence-based signaling games for network defense 2015 https:\/\/arxiv.org\/abs\/1503.05458."},{"key":"e_1_2_11_6_2","doi-asserted-by":"publisher","DOI":"10.1109\/tifs.2018.2886472"},{"key":"e_1_2_11_7_2","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-34266-0_12"},{"key":"e_1_2_11_8_2","doi-asserted-by":"crossref","unstructured":"HoferW. EdgarT. VrabieD. andNowakK. Model-driven Deception for Control System environments Proceedings of the 2019 IEEE International Symposium on Technologies for Homeland Security (HST) November 2019 Woburn MA USA IEEE 1\u20137.","DOI":"10.1109\/HST47167.2019.9032927"},{"key":"e_1_2_11_9_2","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-65048-3_13"},{"key":"e_1_2_11_10_2","doi-asserted-by":"crossref","unstructured":"BrzeczkoA. UluagacA. S. BeyahR. andCopelandJ. Active Deception Model for Securing Cloud infrastructure Proceedings of the 2014 IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS) December 2014 Toronto Canada IEEE 535\u2013540.","DOI":"10.1109\/INFCOMW.2014.6849288"},{"key":"e_1_2_11_11_2","doi-asserted-by":"publisher","DOI":"10.1007\/s11432-021-3462-4"},{"key":"e_1_2_11_12_2","unstructured":"QasemM.andAlmohriH. M. J. An Efficient Deception Architecture for Cloud-Based Virtual networks 2020 https:\/\/arxiv.org\/abs\/2004.06933."},{"key":"e_1_2_11_13_2","doi-asserted-by":"publisher","DOI":"10.1049\/ise2.12050"},{"key":"e_1_2_11_14_2","doi-asserted-by":"publisher","DOI":"10.1109\/jiot.2021.3081751"},{"key":"e_1_2_11_15_2","doi-asserted-by":"crossref","unstructured":"PourM. S. KhouryJ. andBou-HarbE. HoneyComb: a darknet-centric proactive deception technique for curating IoT malware forensic artifacts Proceedings of the NOMS 2022-2022 ieee\/IFIP network operations and management symposium April 2022 Budapest Hungary IEEE 1\u20139.","DOI":"10.1109\/NOMS54207.2022.9789827"},{"key":"e_1_2_11_16_2","doi-asserted-by":"publisher","DOI":"10.1109\/tnsm.2017.2724239"},{"key":"e_1_2_11_17_2","doi-asserted-by":"crossref","unstructured":"ChiangC. Y. J. VenkatesanS. SugrimS. YouzwakJ. A. ChadhaR. ColbertE. I. CamH. andAlbaneseM. On Defensive Cyber Deception: A Case Study Using SDN Proceedings of the MILCOM 2018-2018 IEEE Military Communications Conference (MILCOM) October 2018 Los Angeles CA USA IEEE 110\u2013115.","DOI":"10.1109\/MILCOM.2018.8599755"},{"key":"e_1_2_11_18_2","doi-asserted-by":"publisher","DOI":"10.1109\/tifs.2021.3075845"},{"key":"e_1_2_11_19_2","doi-asserted-by":"publisher","DOI":"10.1016\/s0167-4048(03)00506-6"},{"key":"e_1_2_11_20_2","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-64793-3_8"},{"key":"e_1_2_11_21_2","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-99587-4_48"},{"key":"e_1_2_11_22_2","doi-asserted-by":"publisher","DOI":"10.1002\/sec.242"},{"key":"e_1_2_11_23_2","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-02110-8_5"},{"key":"e_1_2_11_24_2","unstructured":"AhmadiM. CubuktepeM. JansenN. JungesS. KatoenJ. P. andTopcuU. The Partially Observable Games We Play for Cyber deception 2018 https:\/\/arxiv.org\/abs\/1810.00092."},{"key":"e_1_2_11_25_2","doi-asserted-by":"publisher","DOI":"10.1109\/tifs.2020.3016842"},{"key":"e_1_2_11_26_2","article-title":"Deceiving Cyber Adversaries: A Game Theoretic approach","author":"Schlenker A.","year":"2018","journal-title":"International Conference on Autonomous Agents and Multiagent Systems"},{"key":"e_1_2_11_27_2","unstructured":"YinY. AnB. VorobeychikY. andZhuangJ. Optimal deceptive strategies in security games: a preliminary study 2013 https:\/\/arxiv.org\/pdf\/1905.04833.pdf."},{"key":"e_1_2_11_28_2","unstructured":"AnjumI. MiahM. S. ZhuM. SharminN. KiekintveldC. EnckW. andSinghM. P. Optimizing Vulnerability-Driven Honey Traffic Using Game Theory 2020 https:\/\/arxiv.org\/abs\/2002.09069."},{"key":"e_1_2_11_29_2","unstructured":"NgoH. Q. GuoM. andNguyenH. Near optimal strategies for honeypots placement in dynamic and large active directory networks Proceedings of the 2023 International Conference on Autonomous Agents and Multiagent Systems August 2023 New York NY USA 2517\u20132519."},{"key":"e_1_2_11_30_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.cosrev.2023.100544"},{"key":"e_1_2_11_31_2","article-title":"Evolutionary Decision Method for Moving Target Defense Based on Wright-Fisher Process","volume":"15","author":"Tan J.","year":"2022","journal-title":"IEEE Transactions on Dependable and Secure Computing"},{"key":"e_1_2_11_32_2","first-page":"341","article-title":"Using Reinforcement Learning to Conceal Honeypot functionality","author":"Dowling S.","year":"2018","journal-title":"Joint European Conference on Machine Learning and Knowledge Discovery in Databases"},{"key":"e_1_2_11_33_2","doi-asserted-by":"publisher","DOI":"10.1109\/access.2020.2974786"},{"key":"e_1_2_11_34_2","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-02110-8_1"},{"key":"e_1_2_11_35_2","doi-asserted-by":"publisher","DOI":"10.1007\/978-1-4614-5416-8_1"},{"key":"e_1_2_11_36_2","doi-asserted-by":"publisher","DOI":"10.1007\/978-1-4614-0977-9_8"},{"key":"e_1_2_11_37_2","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-32699-3_8"},{"key":"e_1_2_11_38_2","doi-asserted-by":"crossref","unstructured":"MaD. TangZ. SunX. GuoL. WangL. andChenK. Game theory approaches for evaluating the deception-based moving target defense Proceedings of the 9th ACM workshop on moving target defense December 2022 New York NY USA 67\u201377.","DOI":"10.1145\/3560828.3563995"},{"key":"e_1_2_11_39_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.comcom.2017.12.001"},{"key":"e_1_2_11_40_2","doi-asserted-by":"publisher","DOI":"10.1007\/s00145-012-9134-5"},{"key":"e_1_2_11_41_2","doi-asserted-by":"publisher","DOI":"10.3724\/sp.j.1001.2011.03751"},{"key":"e_1_2_11_42_2","unstructured":"SchulmanJ. WolskiF. DhariwalP. RadfordA. andKlimovO. Proximal Policy Optimization algorithms 2017 https:\/\/arxiv.org\/abs\/1707.06347."},{"key":"e_1_2_11_43_2","first-page":"369","article-title":"A theory of regular Markov perfect equilibria in dynamic stochastic games genericity, stability and purification","volume":"5","author":"Doraszelski U.","year":"2015","journal-title":"Theoretical Economics"},{"key":"e_1_2_11_44_2","doi-asserted-by":"publisher","DOI":"10.1287\/opre.1050.0216"},{"key":"e_1_2_11_45_2","unstructured":"China National Vulnerability Database of Information Security China National Vulnerability Database of Information Security 2020 https:\/\/blog.csdn.net\/weixin_41686586\/article\/details\/113996298."}],"container-title":["International Journal of Intelligent Systems"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/downloads.hindawi.com\/journals\/ijis\/2023\/5560416.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/downloads.hindawi.com\/journals\/ijis\/2023\/5560416.xml","content-type":"application\/xml","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/onlinelibrary.wiley.com\/doi\/pdf\/10.1155\/2023\/5560416","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,12,31]],"date-time":"2024-12-31T05:27:55Z","timestamp":1735622875000},"score":1,"resource":{"primary":{"URL":"https:\/\/onlinelibrary.wiley.com\/doi\/10.1155\/2023\/5560416"}},"subtitle":[],"editor":[{"given":"Paolo","family":"Gastaldo","sequence":"additional","affiliation":[]}],"short-title":[],"issued":{"date-parts":[[2023,1]]},"references-count":45,"journal-issue":{"issue":"1","published-print":{"date-parts":[[2023,1]]}},"alternative-id":["10.1155\/2023\/5560416"],"URL":"https:\/\/doi.org\/10.1155\/2023\/5560416","archive":["Portico"],"relation":{},"ISSN":["0884-8173","1098-111X"],"issn-type":[{"value":"0884-8173","type":"print"},{"value":"1098-111X","type":"electronic"}],"subject":[],"published":{"date-parts":[[2023,1]]},"assertion":[{"value":"2023-03-17","order":0,"name":"received","label":"Received","group":{"name":"publication_history","label":"Publication History"}},{"value":"2023-07-22","order":2,"name":"accepted","label":"Accepted","group":{"name":"publication_history","label":"Publication History"}},{"value":"2023-09-07","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}],"article-number":"5560416"}}